Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2018-11218
Vulnerability from cvelistv5
Published
2018-06-17 17:00
Modified
2024-08-05 08:01
Severity ?
EPSS score ?
Summary
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:01:52.448Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "104553", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/104553", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/antirez/redis/issues/5017", }, { name: "DSA-4230", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4230", }, { name: "RHSA-2019:0052", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://antirez.com/news/119", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", }, { name: "RHSA-2019:0094", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "RHSA-2019:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { name: "GLSA-201908-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-04", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-06-17T00:00:00", descriptions: [ { lang: "en", value: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-09T22:06:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "104553", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/104553", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/antirez/redis/issues/5017", }, { name: "DSA-4230", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4230", }, { name: "RHSA-2019:0052", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", }, { tags: [ "x_refsource_MISC", ], url: "http://antirez.com/news/119", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", }, { name: "RHSA-2019:0094", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { tags: [ "x_refsource_MISC", ], url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { tags: [ "x_refsource_MISC", ], url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "RHSA-2019:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { name: "GLSA-201908-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-04", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-11218", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "104553", refsource: "BID", url: "http://www.securityfocus.com/bid/104553", }, { name: "https://github.com/antirez/redis/issues/5017", refsource: "MISC", url: "https://github.com/antirez/redis/issues/5017", }, { name: "DSA-4230", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4230", }, { name: "RHSA-2019:0052", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { name: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", refsource: "MISC", url: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", }, { name: "http://antirez.com/news/119", refsource: "MISC", url: "http://antirez.com/news/119", }, { name: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", refsource: "MISC", url: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", }, { name: "RHSA-2019:0094", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { name: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", refsource: "MISC", url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { name: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", refsource: "MISC", url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "RHSA-2019:1860", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { name: "GLSA-201908-04", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-04", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-11218", datePublished: "2018-06-17T17:00:00", dateReserved: "2018-05-16T00:00:00", dateUpdated: "2024-08-05T08:01:52.448Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.2.12\", \"matchCriteriaId\": \"A638FE37-0FA9-40E6-90AD-5241977EE2E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0\", \"versionEndExcluding\": \"4.0.10\", \"matchCriteriaId\": \"2E46FE4D-C1EC-4270-A5B1-349DD726AF87\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redislabs:redis:5.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6037E16-4EE7-44F6-9045-DA6B705B0F5B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3517A27-E6EE-497C-9996-F78171BBE90F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"704CFA1A-953E-4105-BFBE-406034B83DED\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto una corrupci\\u00f3n de memoria en la biblioteca cmsgpack en el subsistema Lua en Redis en versiones anteriores a la 3.2.12, versiones 4.x anteriores a la 4.0.10 y versiones 5.x anteriores a la 5.0 RC2 debido a desbordamientos de b\\u00fafer basados en pila.\"}]", id: "CVE-2018-11218", lastModified: "2024-11-21T03:42:55.393", metrics: "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2018-06-17T17:29:00.277", references: "[{\"url\": \"http://antirez.com/news/119\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/104553\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0052\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0094\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1860\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/antirez/redis/issues/5017\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201908-04\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4230\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://antirez.com/news/119\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/104553\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0052\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0094\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1860\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/antirez/redis/issues/5017\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201908-04\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4230\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]", sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2018-11218\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-06-17T17:29:00.277\",\"lastModified\":\"2024-11-21T03:42:55.393\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto una corrupción de memoria en la biblioteca cmsgpack en el subsistema Lua en Redis en versiones anteriores a la 3.2.12, versiones 4.x anteriores a la 4.0.10 y versiones 5.x anteriores a la 5.0 RC2 debido a desbordamientos de búfer basados en pila.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.12\",\"matchCriteriaId\":\"A638FE37-0FA9-40E6-90AD-5241977EE2E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndExcluding\":\"4.0.10\",\"matchCriteriaId\":\"2E46FE4D-C1EC-4270-A5B1-349DD726AF87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redislabs:redis:5.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6037E16-4EE7-44F6-9045-DA6B705B0F5B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3517A27-E6EE-497C-9996-F78171BBE90F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"704CFA1A-953E-4105-BFBE-406034B83DED\"}]}]}],\"references\":[{\"url\":\"http://antirez.com/news/119\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104553\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0052\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0094\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1860\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/antirez/redis/issues/5017\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201908-04\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4230\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://antirez.com/news/119\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104553\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0052\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0094\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1860\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/antirez/redis/issues/5017\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201908-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4230\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}", }, }
fkie_cve-2018-11218
Vulnerability from fkie_nvd
Published
2018-06-17 17:29
Modified
2024-11-21 03:42
Severity ?
Summary
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "A638FE37-0FA9-40E6-90AD-5241977EE2E7", versionEndExcluding: "3.2.12", vulnerable: true, }, { criteria: "cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "2E46FE4D-C1EC-4270-A5B1-349DD726AF87", versionEndExcluding: "4.0.10", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redislabs:redis:5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "E6037E16-4EE7-44F6-9045-DA6B705B0F5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", matchCriteriaId: "D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", matchCriteriaId: "E3517A27-E6EE-497C-9996-F78171BBE90F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", }, { lang: "es", value: "Se ha descubierto una corrupción de memoria en la biblioteca cmsgpack en el subsistema Lua en Redis en versiones anteriores a la 3.2.12, versiones 4.x anteriores a la 4.0.10 y versiones 5.x anteriores a la 5.0 RC2 debido a desbordamientos de búfer basados en pila.", }, ], id: "CVE-2018-11218", lastModified: "2024-11-21T03:42:55.393", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-17T17:29:00.277", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "http://antirez.com/news/119", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104553", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/antirez/redis/issues/5017", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201908-04", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4230", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://antirez.com/news/119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104553", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/antirez/redis/issues/5017", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4230", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2018-11218
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
Aliases
Aliases
{ GSD: { alias: "CVE-2018-11218", description: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", id: "GSD-2018-11218", references: [ "https://www.suse.com/security/cve/CVE-2018-11218.html", "https://www.debian.org/security/2018/dsa-4230", "https://access.redhat.com/errata/RHSA-2019:1860", "https://access.redhat.com/errata/RHSA-2019:0094", "https://access.redhat.com/errata/RHSA-2019:0052", "https://advisories.mageia.org/CVE-2018-11218.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2018-11218", ], details: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", id: "GSD-2018-11218", modified: "2023-12-13T01:22:42.034160Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-11218", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "104553", refsource: "BID", url: "http://www.securityfocus.com/bid/104553", }, { name: "https://github.com/antirez/redis/issues/5017", refsource: "MISC", url: "https://github.com/antirez/redis/issues/5017", }, { name: "DSA-4230", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4230", }, { name: "RHSA-2019:0052", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { name: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", refsource: "MISC", url: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", }, { name: "http://antirez.com/news/119", refsource: "MISC", url: "http://antirez.com/news/119", }, { name: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", refsource: "MISC", url: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", }, { name: "RHSA-2019:0094", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { name: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", refsource: "MISC", url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { name: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", refsource: "MISC", url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "RHSA-2019:1860", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { name: "GLSA-201908-04", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-04", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.0.10", versionStartIncluding: "4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.2.12", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:redislabs:redis:5.0:rc1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-11218", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, { name: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { name: "https://github.com/antirez/redis/issues/5017", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://github.com/antirez/redis/issues/5017", }, { name: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", }, { name: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", refsource: "MISC", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", }, { name: "http://antirez.com/news/119", refsource: "MISC", tags: [ "Exploit", "Third Party Advisory", ], url: "http://antirez.com/news/119", }, { name: "DSA-4230", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4230", }, { name: "104553", refsource: "BID", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/104553", }, { name: "RHSA-2019:0094", refsource: "REDHAT", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { name: "RHSA-2019:0052", refsource: "REDHAT", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", refsource: "MISC", tags: [ "Third Party Advisory", "Patch", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { name: "RHSA-2019:1860", refsource: "REDHAT", tags: [], url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { name: "GLSA-201908-04", refsource: "GENTOO", tags: [], url: "https://security.gentoo.org/glsa/201908-04", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, }, }, lastModifiedDate: "2021-08-04T17:14Z", publishedDate: "2018-06-17T17:29Z", }, }, }
RHSA-2019:0052
Vulnerability from csaf_redhat
Published
2019-01-16 17:09
Modified
2025-03-16 23:54
Summary
Red Hat Security Advisory: redis security update
Notes
Topic
An update for redis is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)
* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)
* redis: code execution via a crafted command line (CVE-2018-12326)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for redis is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)\n\n* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)\n\n* redis: code execution via a crafted command line (CVE-2018-12326)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0052", url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0052.json", }, ], title: "Red Hat Security Advisory: redis security update", tracking: { current_release_date: "2025-03-16T23:54:54+00:00", generator: { date: "2025-03-16T23:54:54+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2019:0052", initial_release_date: "2019-01-16T17:09:43+00:00", revision_history: [ { date: "2019-01-16T17:09:43+00:00", number: "1", summary: "Initial version", }, { date: "2019-01-16T17:09:43+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T23:54:54+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenStack Platform 10.0", product: { name: "Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:10::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenStack Platform", }, { branches: [ { category: "product_version", name: "redis-0:3.0.6-4.el7ost.x86_64", product: { name: "redis-0:3.0.6-4.el7ost.x86_64", product_id: "redis-0:3.0.6-4.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.0.6-4.el7ost?arch=x86_64", }, }, }, { category: "product_version", name: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", product: { name: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", product_id: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis-debuginfo@3.0.6-4.el7ost?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "redis-0:3.0.6-4.el7ost.src", product: { name: "redis-0:3.0.6-4.el7ost.src", product_id: "redis-0:3.0.6-4.el7ost.src", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.0.6-4.el7ost?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "redis-0:3.0.6-4.el7ost.src as a component of Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", }, product_reference: "redis-0:3.0.6-4.el7ost.src", relates_to_product_reference: "7Server-RH7-RHOS-10.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.0.6-4.el7ost.x86_64 as a component of Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", }, product_reference: "redis-0:3.0.6-4.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-10.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64 as a component of Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", }, product_reference: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-10.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11218", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590067", }, ], notes: [ { category: "description", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap corruption in lua_cmsgpack.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "RHBZ#1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11218", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:09:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Heap corruption in lua_cmsgpack.c", }, { cve: "CVE-2018-11219", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590062", }, ], notes: [ { category: "description", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "Vulnerability description", }, { category: "summary", text: "redis: Integer overflow in lua_struct.c:b_unpack()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "RHBZ#1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11219", url: "https://www.cve.org/CVERecord?id=CVE-2018-11219", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:09:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Integer overflow in lua_struct.c:b_unpack()", }, { cve: "CVE-2018-12326", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-06-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1594291", }, ], notes: [ { category: "description", text: "The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h (host) command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service.", title: "Vulnerability description", }, { category: "summary", text: "redis: Code execution in redis-cli via crafted command line arguments", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12326", }, { category: "external", summary: "RHBZ#1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12326", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:09:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "redis: Code execution in redis-cli via crafted command line arguments", }, ], }
rhsa-2019_1860
Vulnerability from csaf_redhat
Published
2019-07-25 16:10
Modified
2024-11-15 03:13
Summary
Red Hat Security Advisory: rh-redis32-redis security update
Notes
Topic
An update for rh-redis32-redis is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
* redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192)
* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)
* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)
* redis: Code execution in redis-cli via crafted command line arguments (CVE-2018-12326)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for rh-redis32-redis is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192)\n\n* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)\n\n* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)\n\n* redis: Code execution in redis-cli via crafted command line arguments (CVE-2018-12326)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:1860", url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "1723918", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1723918", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1860.json", }, ], title: "Red Hat Security Advisory: rh-redis32-redis security update", tracking: { current_release_date: "2024-11-15T03:13:13+00:00", generator: { date: "2024-11-15T03:13:13+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:1860", initial_release_date: "2019-07-25T16:10:02+00:00", revision_history: [ { date: "2019-07-25T16:10:02+00:00", number: "1", summary: "Initial version", }, { date: "2019-07-25T16:10:02+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T03:13:13+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el6", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el6", }, }, }, ], category: "product_family", name: "Red Hat Software Collections", }, { branches: [ { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", product: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", product_id: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", product: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", product_id: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis-debuginfo@3.2.13-1.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", product: { name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", product_id: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el6?arch=x86_64", }, }, }, { category: "product_version", name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", product: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", product_id: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis-debuginfo@3.2.13-1.el6?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el7.src", product: { name: "rh-redis32-redis-0:3.2.13-1.el7.src", product_id: "rh-redis32-redis-0:3.2.13-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el7?arch=src", }, }, }, { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el6.src", product: { name: "rh-redis32-redis-0:3.2.13-1.el6.src", product_id: "rh-redis32-redis-0:3.2.13-1.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el6?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.src", relates_to_product_reference: "6Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.src", relates_to_product_reference: "6Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.3", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11218", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590067", }, ], notes: [ { category: "description", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap corruption in lua_cmsgpack.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "RHBZ#1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11218", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Heap corruption in lua_cmsgpack.c", }, { cve: "CVE-2018-11219", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590062", }, ], notes: [ { category: "description", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "Vulnerability description", }, { category: "summary", text: "redis: Integer overflow in lua_struct.c:b_unpack()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "RHBZ#1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11219", url: "https://www.cve.org/CVERecord?id=CVE-2018-11219", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Integer overflow in lua_struct.c:b_unpack()", }, { cve: "CVE-2018-12326", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-06-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1594291", }, ], notes: [ { category: "description", text: "The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h (host) command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service.", title: "Vulnerability description", }, { category: "summary", text: "redis: Code execution in redis-cli via crafted command line arguments", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12326", }, { category: "external", summary: "RHBZ#1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12326", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "redis: Code execution in redis-cli via crafted command line arguments", }, { cve: "CVE-2019-10192", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1723918", }, ], notes: [ { category: "description", text: "A heap buffer overflow vulnerability was found in the Redis HyperLogLog data structure. By carefully corrupting a HyperLogLog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding into writing up to 3 bytes beyond the end of a heap-allocated buffer.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap buffer overflow in HyperLogLog triggered by malicious client", title: "Vulnerability summary", }, { category: "other", text: "* This issue did not affect the version of grafana(embeds redis) as shipped with Red Hat Gluster Storage 3 and Red Hat Ceph Storage 3 as it only ships client side part of redis implementation.\n* This issue did not affect the version of heketi(embeds redis) as shipped with Red Hat Gluster Storage 3 as it only ships client side part of redis implementation.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10192", }, { category: "external", summary: "RHBZ#1723918", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1723918", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10192", url: "https://www.cve.org/CVERecord?id=CVE-2019-10192", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10192", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10192", }, { category: "external", summary: "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES", url: "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES", }, { category: "external", summary: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { category: "external", summary: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, ], release_date: "2019-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "redis: Heap buffer overflow in HyperLogLog triggered by malicious client", }, ], }
rhsa-2019_0052
Vulnerability from csaf_redhat
Published
2019-01-16 17:09
Modified
2024-11-15 00:38
Summary
Red Hat Security Advisory: redis security update
Notes
Topic
An update for redis is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)
* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)
* redis: code execution via a crafted command line (CVE-2018-12326)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for redis is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)\n\n* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)\n\n* redis: code execution via a crafted command line (CVE-2018-12326)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0052", url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0052.json", }, ], title: "Red Hat Security Advisory: redis security update", tracking: { current_release_date: "2024-11-15T00:38:42+00:00", generator: { date: "2024-11-15T00:38:42+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0052", initial_release_date: "2019-01-16T17:09:43+00:00", revision_history: [ { date: "2019-01-16T17:09:43+00:00", number: "1", summary: "Initial version", }, { date: "2019-01-16T17:09:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:38:42+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenStack Platform 10.0", product: { name: "Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:10::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenStack Platform", }, { branches: [ { category: "product_version", name: "redis-0:3.0.6-4.el7ost.x86_64", product: { name: "redis-0:3.0.6-4.el7ost.x86_64", product_id: "redis-0:3.0.6-4.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.0.6-4.el7ost?arch=x86_64", }, }, }, { category: "product_version", name: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", product: { name: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", product_id: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis-debuginfo@3.0.6-4.el7ost?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "redis-0:3.0.6-4.el7ost.src", product: { name: "redis-0:3.0.6-4.el7ost.src", product_id: "redis-0:3.0.6-4.el7ost.src", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.0.6-4.el7ost?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "redis-0:3.0.6-4.el7ost.src as a component of Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", }, product_reference: "redis-0:3.0.6-4.el7ost.src", relates_to_product_reference: "7Server-RH7-RHOS-10.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.0.6-4.el7ost.x86_64 as a component of Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", }, product_reference: "redis-0:3.0.6-4.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-10.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64 as a component of Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", }, product_reference: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-10.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11218", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590067", }, ], notes: [ { category: "description", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap corruption in lua_cmsgpack.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "RHBZ#1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11218", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:09:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Heap corruption in lua_cmsgpack.c", }, { cve: "CVE-2018-11219", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590062", }, ], notes: [ { category: "description", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "Vulnerability description", }, { category: "summary", text: "redis: Integer overflow in lua_struct.c:b_unpack()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "RHBZ#1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11219", url: "https://www.cve.org/CVERecord?id=CVE-2018-11219", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:09:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Integer overflow in lua_struct.c:b_unpack()", }, { cve: "CVE-2018-12326", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-06-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1594291", }, ], notes: [ { category: "description", text: "The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h (host) command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service.", title: "Vulnerability description", }, { category: "summary", text: "redis: Code execution in redis-cli via crafted command line arguments", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12326", }, { category: "external", summary: "RHBZ#1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12326", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:09:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "redis: Code execution in redis-cli via crafted command line arguments", }, ], }
rhsa-2019:1860
Vulnerability from csaf_redhat
Published
2019-07-25 16:10
Modified
2025-03-16 23:55
Summary
Red Hat Security Advisory: rh-redis32-redis security update
Notes
Topic
An update for rh-redis32-redis is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
* redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192)
* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)
* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)
* redis: Code execution in redis-cli via crafted command line arguments (CVE-2018-12326)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for rh-redis32-redis is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192)\n\n* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)\n\n* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)\n\n* redis: Code execution in redis-cli via crafted command line arguments (CVE-2018-12326)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:1860", url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "1723918", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1723918", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1860.json", }, ], title: "Red Hat Security Advisory: rh-redis32-redis security update", tracking: { current_release_date: "2025-03-16T23:55:34+00:00", generator: { date: "2025-03-16T23:55:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2019:1860", initial_release_date: "2019-07-25T16:10:02+00:00", revision_history: [ { date: "2019-07-25T16:10:02+00:00", number: "1", summary: "Initial version", }, { date: "2019-07-25T16:10:02+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T23:55:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el6", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el6", }, }, }, ], category: "product_family", name: "Red Hat Software Collections", }, { branches: [ { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", product: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", product_id: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", product: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", product_id: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis-debuginfo@3.2.13-1.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", product: { name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", product_id: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el6?arch=x86_64", }, }, }, { category: "product_version", name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", product: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", product_id: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis-debuginfo@3.2.13-1.el6?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el7.src", product: { name: "rh-redis32-redis-0:3.2.13-1.el7.src", product_id: "rh-redis32-redis-0:3.2.13-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el7?arch=src", }, }, }, { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el6.src", product: { name: "rh-redis32-redis-0:3.2.13-1.el6.src", product_id: "rh-redis32-redis-0:3.2.13-1.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el6?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.src", relates_to_product_reference: "6Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.src", relates_to_product_reference: "6Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.3", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11218", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590067", }, ], notes: [ { category: "description", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap corruption in lua_cmsgpack.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "RHBZ#1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11218", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Heap corruption in lua_cmsgpack.c", }, { cve: "CVE-2018-11219", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590062", }, ], notes: [ { category: "description", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "Vulnerability description", }, { category: "summary", text: "redis: Integer overflow in lua_struct.c:b_unpack()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "RHBZ#1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11219", url: "https://www.cve.org/CVERecord?id=CVE-2018-11219", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Integer overflow in lua_struct.c:b_unpack()", }, { cve: "CVE-2018-12326", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-06-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1594291", }, ], notes: [ { category: "description", text: "The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h (host) command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service.", title: "Vulnerability description", }, { category: "summary", text: "redis: Code execution in redis-cli via crafted command line arguments", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12326", }, { category: "external", summary: "RHBZ#1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12326", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "redis: Code execution in redis-cli via crafted command line arguments", }, { cve: "CVE-2019-10192", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1723918", }, ], notes: [ { category: "description", text: "A heap buffer overflow vulnerability was found in the Redis HyperLogLog data structure. By carefully corrupting a HyperLogLog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding into writing up to 3 bytes beyond the end of a heap-allocated buffer.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap buffer overflow in HyperLogLog triggered by malicious client", title: "Vulnerability summary", }, { category: "other", text: "* This issue did not affect the version of grafana(embeds redis) as shipped with Red Hat Gluster Storage 3 and Red Hat Ceph Storage 3 as it only ships client side part of redis implementation.\n* This issue did not affect the version of heketi(embeds redis) as shipped with Red Hat Gluster Storage 3 as it only ships client side part of redis implementation.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10192", }, { category: "external", summary: "RHBZ#1723918", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1723918", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10192", url: "https://www.cve.org/CVERecord?id=CVE-2019-10192", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10192", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10192", }, { category: "external", summary: "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES", url: "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES", }, { category: "external", summary: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { category: "external", summary: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, ], release_date: "2019-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "redis: Heap buffer overflow in HyperLogLog triggered by malicious client", }, ], }
RHSA-2019:1860
Vulnerability from csaf_redhat
Published
2019-07-25 16:10
Modified
2025-03-16 23:55
Summary
Red Hat Security Advisory: rh-redis32-redis security update
Notes
Topic
An update for rh-redis32-redis is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
* redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192)
* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)
* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)
* redis: Code execution in redis-cli via crafted command line arguments (CVE-2018-12326)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for rh-redis32-redis is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192)\n\n* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)\n\n* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)\n\n* redis: Code execution in redis-cli via crafted command line arguments (CVE-2018-12326)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:1860", url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "1723918", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1723918", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1860.json", }, ], title: "Red Hat Security Advisory: rh-redis32-redis security update", tracking: { current_release_date: "2025-03-16T23:55:34+00:00", generator: { date: "2025-03-16T23:55:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2019:1860", initial_release_date: "2019-07-25T16:10:02+00:00", revision_history: [ { date: "2019-07-25T16:10:02+00:00", number: "1", summary: "Initial version", }, { date: "2019-07-25T16:10:02+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T23:55:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el6", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el6", }, }, }, ], category: "product_family", name: "Red Hat Software Collections", }, { branches: [ { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", product: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", product_id: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", product: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", product_id: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis-debuginfo@3.2.13-1.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", product: { name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", product_id: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el6?arch=x86_64", }, }, }, { category: "product_version", name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", product: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", product_id: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis-debuginfo@3.2.13-1.el6?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el7.src", product: { name: "rh-redis32-redis-0:3.2.13-1.el7.src", product_id: "rh-redis32-redis-0:3.2.13-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el7?arch=src", }, }, }, { category: "product_version", name: "rh-redis32-redis-0:3.2.13-1.el6.src", product: { name: "rh-redis32-redis-0:3.2.13-1.el6.src", product_id: "rh-redis32-redis-0:3.2.13-1.el6.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-redis32-redis@3.2.13-1.el6?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.src", relates_to_product_reference: "6Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.src", relates_to_product_reference: "6Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", relates_to_product_reference: "6Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.3", }, { category: "default_component_of", full_product_name: { name: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", }, product_reference: "rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.3", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11218", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590067", }, ], notes: [ { category: "description", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap corruption in lua_cmsgpack.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "RHBZ#1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11218", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Heap corruption in lua_cmsgpack.c", }, { cve: "CVE-2018-11219", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590062", }, ], notes: [ { category: "description", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "Vulnerability description", }, { category: "summary", text: "redis: Integer overflow in lua_struct.c:b_unpack()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "RHBZ#1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11219", url: "https://www.cve.org/CVERecord?id=CVE-2018-11219", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Integer overflow in lua_struct.c:b_unpack()", }, { cve: "CVE-2018-12326", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-06-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1594291", }, ], notes: [ { category: "description", text: "The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h (host) command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service.", title: "Vulnerability description", }, { category: "summary", text: "redis: Code execution in redis-cli via crafted command line arguments", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12326", }, { category: "external", summary: "RHBZ#1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12326", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "redis: Code execution in redis-cli via crafted command line arguments", }, { cve: "CVE-2019-10192", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1723918", }, ], notes: [ { category: "description", text: "A heap buffer overflow vulnerability was found in the Redis HyperLogLog data structure. By carefully corrupting a HyperLogLog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding into writing up to 3 bytes beyond the end of a heap-allocated buffer.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap buffer overflow in HyperLogLog triggered by malicious client", title: "Vulnerability summary", }, { category: "other", text: "* This issue did not affect the version of grafana(embeds redis) as shipped with Red Hat Gluster Storage 3 and Red Hat Ceph Storage 3 as it only ships client side part of redis implementation.\n* This issue did not affect the version of heketi(embeds redis) as shipped with Red Hat Gluster Storage 3 as it only ships client side part of redis implementation.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10192", }, { category: "external", summary: "RHBZ#1723918", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1723918", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10192", url: "https://www.cve.org/CVERecord?id=CVE-2019-10192", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10192", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10192", }, { category: "external", summary: "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES", url: "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES", }, { category: "external", summary: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { category: "external", summary: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, ], release_date: "2019-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-07-25T16:10:02+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:1860", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.src", "6Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el6.x86_64", "6Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el6.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Server-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Server-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.src", "7Workstation-RHSCL-3.3:rh-redis32-redis-0:3.2.13-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-redis32-redis-debuginfo-0:3.2.13-1.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "redis: Heap buffer overflow in HyperLogLog triggered by malicious client", }, ], }
RHSA-2019:0094
Vulnerability from csaf_redhat
Published
2019-01-16 17:55
Modified
2025-03-16 23:54
Summary
Red Hat Security Advisory: redis security update
Notes
Topic
An update for redis is now available for Red Hat OpenStack Platform 13.0 (Queens).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)
* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)
* redis: code execution via a crafted command line (CVE-2018-12326)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for redis is now available for Red Hat OpenStack Platform 13.0 (Queens).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)\n\n* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)\n\n* redis: code execution via a crafted command line (CVE-2018-12326)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0094", url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0094.json", }, ], title: "Red Hat Security Advisory: redis security update", tracking: { current_release_date: "2025-03-16T23:54:41+00:00", generator: { date: "2025-03-16T23:54:41+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2019:0094", initial_release_date: "2019-01-16T17:55:09+00:00", revision_history: [ { date: "2019-01-16T17:55:09+00:00", number: "1", summary: "Initial version", }, { date: "2019-01-16T17:55:09+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T23:54:41+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenStack Platform 13.0", product: { name: "Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:13::el7", }, }, }, { category: "product_name", name: "Red Hat OpenStack Platform 13.0", product: { name: "Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:13::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenStack Platform", }, { branches: [ { category: "product_version", name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", product: { name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", product_id: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis-debuginfo@3.2.8-3.el7ost?arch=x86_64", }, }, }, { category: "product_version", name: "redis-0:3.2.8-3.el7ost.x86_64", product: { name: "redis-0:3.2.8-3.el7ost.x86_64", product_id: "redis-0:3.2.8-3.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.2.8-3.el7ost?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", product: { name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", product_id: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/redis-debuginfo@3.2.8-3.el7ost?arch=ppc64le", }, }, }, { category: "product_version", name: "redis-0:3.2.8-3.el7ost.ppc64le", product: { name: "redis-0:3.2.8-3.el7ost.ppc64le", product_id: "redis-0:3.2.8-3.el7ost.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.2.8-3.el7ost?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "redis-0:3.2.8-3.el7ost.src", product: { name: "redis-0:3.2.8-3.el7ost.src", product_id: "redis-0:3.2.8-3.el7ost.src", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.2.8-3.el7ost?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.src as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", }, product_reference: "redis-0:3.2.8-3.el7ost.src", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.src as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", }, product_reference: "redis-0:3.2.8-3.el7ost.src", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11218", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590067", }, ], notes: [ { category: "description", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap corruption in lua_cmsgpack.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "RHBZ#1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11218", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:55:09+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0094", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Heap corruption in lua_cmsgpack.c", }, { cve: "CVE-2018-11219", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590062", }, ], notes: [ { category: "description", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "Vulnerability description", }, { category: "summary", text: "redis: Integer overflow in lua_struct.c:b_unpack()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "RHBZ#1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11219", url: "https://www.cve.org/CVERecord?id=CVE-2018-11219", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:55:09+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0094", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Integer overflow in lua_struct.c:b_unpack()", }, { cve: "CVE-2018-12326", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-06-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1594291", }, ], notes: [ { category: "description", text: "The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h (host) command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service.", title: "Vulnerability description", }, { category: "summary", text: "redis: Code execution in redis-cli via crafted command line arguments", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12326", }, { category: "external", summary: "RHBZ#1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12326", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:55:09+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0094", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "redis: Code execution in redis-cli via crafted command line arguments", }, ], }
rhsa-2019_0094
Vulnerability from csaf_redhat
Published
2019-01-16 17:55
Modified
2024-11-15 00:38
Summary
Red Hat Security Advisory: redis security update
Notes
Topic
An update for redis is now available for Red Hat OpenStack Platform 13.0 (Queens).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)
* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)
* redis: code execution via a crafted command line (CVE-2018-12326)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for redis is now available for Red Hat OpenStack Platform 13.0 (Queens).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)\n\n* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)\n\n* redis: code execution via a crafted command line (CVE-2018-12326)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0094", url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0094.json", }, ], title: "Red Hat Security Advisory: redis security update", tracking: { current_release_date: "2024-11-15T00:38:53+00:00", generator: { date: "2024-11-15T00:38:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0094", initial_release_date: "2019-01-16T17:55:09+00:00", revision_history: [ { date: "2019-01-16T17:55:09+00:00", number: "1", summary: "Initial version", }, { date: "2019-01-16T17:55:09+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:38:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenStack Platform 13.0", product: { name: "Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:13::el7", }, }, }, { category: "product_name", name: "Red Hat OpenStack Platform 13.0", product: { name: "Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:13::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenStack Platform", }, { branches: [ { category: "product_version", name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", product: { name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", product_id: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis-debuginfo@3.2.8-3.el7ost?arch=x86_64", }, }, }, { category: "product_version", name: "redis-0:3.2.8-3.el7ost.x86_64", product: { name: "redis-0:3.2.8-3.el7ost.x86_64", product_id: "redis-0:3.2.8-3.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.2.8-3.el7ost?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", product: { name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", product_id: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/redis-debuginfo@3.2.8-3.el7ost?arch=ppc64le", }, }, }, { category: "product_version", name: "redis-0:3.2.8-3.el7ost.ppc64le", product: { name: "redis-0:3.2.8-3.el7ost.ppc64le", product_id: "redis-0:3.2.8-3.el7ost.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.2.8-3.el7ost?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "redis-0:3.2.8-3.el7ost.src", product: { name: "redis-0:3.2.8-3.el7ost.src", product_id: "redis-0:3.2.8-3.el7ost.src", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.2.8-3.el7ost?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.src as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", }, product_reference: "redis-0:3.2.8-3.el7ost.src", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.src as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", }, product_reference: "redis-0:3.2.8-3.el7ost.src", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11218", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590067", }, ], notes: [ { category: "description", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap corruption in lua_cmsgpack.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "RHBZ#1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11218", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:55:09+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0094", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Heap corruption in lua_cmsgpack.c", }, { cve: "CVE-2018-11219", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590062", }, ], notes: [ { category: "description", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "Vulnerability description", }, { category: "summary", text: "redis: Integer overflow in lua_struct.c:b_unpack()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "RHBZ#1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11219", url: "https://www.cve.org/CVERecord?id=CVE-2018-11219", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:55:09+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0094", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Integer overflow in lua_struct.c:b_unpack()", }, { cve: "CVE-2018-12326", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-06-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1594291", }, ], notes: [ { category: "description", text: "The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h (host) command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service.", title: "Vulnerability description", }, { category: "summary", text: "redis: Code execution in redis-cli via crafted command line arguments", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12326", }, { category: "external", summary: "RHBZ#1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12326", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:55:09+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0094", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "redis: Code execution in redis-cli via crafted command line arguments", }, ], }
rhsa-2019:0094
Vulnerability from csaf_redhat
Published
2019-01-16 17:55
Modified
2025-03-16 23:54
Summary
Red Hat Security Advisory: redis security update
Notes
Topic
An update for redis is now available for Red Hat OpenStack Platform 13.0 (Queens).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)
* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)
* redis: code execution via a crafted command line (CVE-2018-12326)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for redis is now available for Red Hat OpenStack Platform 13.0 (Queens).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)\n\n* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)\n\n* redis: code execution via a crafted command line (CVE-2018-12326)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0094", url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0094.json", }, ], title: "Red Hat Security Advisory: redis security update", tracking: { current_release_date: "2025-03-16T23:54:41+00:00", generator: { date: "2025-03-16T23:54:41+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2019:0094", initial_release_date: "2019-01-16T17:55:09+00:00", revision_history: [ { date: "2019-01-16T17:55:09+00:00", number: "1", summary: "Initial version", }, { date: "2019-01-16T17:55:09+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T23:54:41+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenStack Platform 13.0", product: { name: "Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:13::el7", }, }, }, { category: "product_name", name: "Red Hat OpenStack Platform 13.0", product: { name: "Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:13::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenStack Platform", }, { branches: [ { category: "product_version", name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", product: { name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", product_id: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis-debuginfo@3.2.8-3.el7ost?arch=x86_64", }, }, }, { category: "product_version", name: "redis-0:3.2.8-3.el7ost.x86_64", product: { name: "redis-0:3.2.8-3.el7ost.x86_64", product_id: "redis-0:3.2.8-3.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.2.8-3.el7ost?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", product: { name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", product_id: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/redis-debuginfo@3.2.8-3.el7ost?arch=ppc64le", }, }, }, { category: "product_version", name: "redis-0:3.2.8-3.el7ost.ppc64le", product: { name: "redis-0:3.2.8-3.el7ost.ppc64le", product_id: "redis-0:3.2.8-3.el7ost.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.2.8-3.el7ost?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "redis-0:3.2.8-3.el7ost.src", product: { name: "redis-0:3.2.8-3.el7ost.src", product_id: "redis-0:3.2.8-3.el7ost.src", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.2.8-3.el7ost?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.src as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", }, product_reference: "redis-0:3.2.8-3.el7ost.src", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.src as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", }, product_reference: "redis-0:3.2.8-3.el7ost.src", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64 as a component of Red Hat OpenStack Platform 13.0", product_id: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", }, product_reference: "redis-debuginfo-0:3.2.8-3.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11218", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590067", }, ], notes: [ { category: "description", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap corruption in lua_cmsgpack.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "RHBZ#1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11218", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:55:09+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0094", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Heap corruption in lua_cmsgpack.c", }, { cve: "CVE-2018-11219", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590062", }, ], notes: [ { category: "description", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "Vulnerability description", }, { category: "summary", text: "redis: Integer overflow in lua_struct.c:b_unpack()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "RHBZ#1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11219", url: "https://www.cve.org/CVERecord?id=CVE-2018-11219", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:55:09+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0094", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Integer overflow in lua_struct.c:b_unpack()", }, { cve: "CVE-2018-12326", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-06-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1594291", }, ], notes: [ { category: "description", text: "The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h (host) command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service.", title: "Vulnerability description", }, { category: "summary", text: "redis: Code execution in redis-cli via crafted command line arguments", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12326", }, { category: "external", summary: "RHBZ#1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12326", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:55:09+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0094", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.src", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-0:3.2.8-3.el7ost.x86_64", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.ppc64le", "7Server-RH7-RHOS-DEPLOYMENT-TOOLS-13.0:redis-debuginfo-0:3.2.8-3.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "redis: Code execution in redis-cli via crafted command line arguments", }, ], }
rhsa-2019:0052
Vulnerability from csaf_redhat
Published
2019-01-16 17:09
Modified
2025-03-16 23:54
Summary
Red Hat Security Advisory: redis security update
Notes
Topic
An update for redis is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)
* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)
* redis: code execution via a crafted command line (CVE-2018-12326)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for redis is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218)\n\n* redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219)\n\n* redis: code execution via a crafted command line (CVE-2018-12326)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0052", url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0052.json", }, ], title: "Red Hat Security Advisory: redis security update", tracking: { current_release_date: "2025-03-16T23:54:54+00:00", generator: { date: "2025-03-16T23:54:54+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2019:0052", initial_release_date: "2019-01-16T17:09:43+00:00", revision_history: [ { date: "2019-01-16T17:09:43+00:00", number: "1", summary: "Initial version", }, { date: "2019-01-16T17:09:43+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-16T23:54:54+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenStack Platform 10.0", product: { name: "Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0", product_identification_helper: { cpe: "cpe:/a:redhat:openstack:10::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenStack Platform", }, { branches: [ { category: "product_version", name: "redis-0:3.0.6-4.el7ost.x86_64", product: { name: "redis-0:3.0.6-4.el7ost.x86_64", product_id: "redis-0:3.0.6-4.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.0.6-4.el7ost?arch=x86_64", }, }, }, { category: "product_version", name: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", product: { name: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", product_id: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/redis-debuginfo@3.0.6-4.el7ost?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "redis-0:3.0.6-4.el7ost.src", product: { name: "redis-0:3.0.6-4.el7ost.src", product_id: "redis-0:3.0.6-4.el7ost.src", product_identification_helper: { purl: "pkg:rpm/redhat/redis@3.0.6-4.el7ost?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "redis-0:3.0.6-4.el7ost.src as a component of Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", }, product_reference: "redis-0:3.0.6-4.el7ost.src", relates_to_product_reference: "7Server-RH7-RHOS-10.0", }, { category: "default_component_of", full_product_name: { name: "redis-0:3.0.6-4.el7ost.x86_64 as a component of Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", }, product_reference: "redis-0:3.0.6-4.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-10.0", }, { category: "default_component_of", full_product_name: { name: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64 as a component of Red Hat OpenStack Platform 10.0", product_id: "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", }, product_reference: "redis-debuginfo-0:3.0.6-4.el7ost.x86_64", relates_to_product_reference: "7Server-RH7-RHOS-10.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11218", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590067", }, ], notes: [ { category: "description", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "Vulnerability description", }, { category: "summary", text: "redis: Heap corruption in lua_cmsgpack.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "RHBZ#1590067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11218", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:09:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Heap corruption in lua_cmsgpack.c", }, { cve: "CVE-2018-11219", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-06-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590062", }, ], notes: [ { category: "description", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "Vulnerability description", }, { category: "summary", text: "redis: Integer overflow in lua_struct.c:b_unpack()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "RHBZ#1590062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11219", url: "https://www.cve.org/CVERecord?id=CVE-2018-11219", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11219", }, { category: "external", summary: "http://antirez.com/news/119", url: "http://antirez.com/news/119", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:09:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "redis: Integer overflow in lua_struct.c:b_unpack()", }, { cve: "CVE-2018-12326", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-06-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1594291", }, ], notes: [ { category: "description", text: "The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h (host) command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service.", title: "Vulnerability description", }, { category: "summary", text: "redis: Code execution in redis-cli via crafted command line arguments", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12326", }, { category: "external", summary: "RHBZ#1594291", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1594291", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12326", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12326", }, ], release_date: "2018-06-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-01-16T17:09:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0052", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.src", "7Server-RH7-RHOS-10.0:redis-0:3.0.6-4.el7ost.x86_64", "7Server-RH7-RHOS-10.0:redis-debuginfo-0:3.0.6-4.el7ost.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "redis: Code execution in redis-cli via crafted command line arguments", }, ], }
suse-ou-2020:3291-1
Vulnerability from csaf_suse
Published
2020-11-11 11:26
Modified
2020-11-11 11:26
Summary
Optional update for python-redis and redis
Notes
Title of the patch
Optional update for python-redis and redis
Description of the patch
This optional update for python-redis and redis provides the following fixes
python-redis:
- Update to version to 3.4.1 (jsc#ECO-2417)
* Move the username argument in the Redis and Connection classes to the end of the argument list.
This helps those poor souls that specify all their connection options as non-keyword arguments.
* Prior to ACL support, redis-py ignored the username component of Connection URLs. With ACL
support, usernames are no longer ignored and are used to authenticate against an ACL rule.
Some cloud vendors with managed Redis instances (like Heroku) provide connection URLs with a
username component pre-ACL that is not intended to be used. Sending that username to Redis
servers < 6.0.0 results in an error. Attempt to detect this condition and retry the AUTH
command with only the password such that authentication continues to work for these users.
* Removed the __eq__ hooks to Redis and ConnectionPool that were added in 3.4.0.
This ended up being a bad idea as two separate connection pools be considered equal yet
manage a completely separate set of connections.
* Allow empty pipelines to be executed if there are WATCHed keys. This is a convenient
way to test if any of the watched keys changed without actually running any other commands.
* Removed support for end of life Python 3.4.
* Added support for all ACL commands in Redis 6.
* Pipeline instances now always evaluate to True. Prior to this change,
pipeline instances relied on __len__ for boolean evaluation which
meant that pipelines with no commands on the stack would be considered False.
* Client instances and Connection pools now support a 'client_name' argument.
If supplied, all connections created will call CLIENT SETNAME as soon as the connection is opened.
* Added the 'ssl_check_hostname' argument to specify whether SSL connections should require the
server hostname to match the hostname specified in the SSL cert. By default 'ssl_check_hostname'
is False for backwards compatibility.
* Added support for the TYPE argument to SCAN.
* Better thread and fork safety in ConnectionPool and BlockingConnectionPool.
Added better locking to synchronize critical sections rather than relying on CPython-specific implementation
details relating to atomic operations. Adjusted how the pools identify and deal with a fork.
Added a ChildDeadlockedError exception that is raised by child processes in the very unlikely chance that
a deadlock is encountered.
* Further fix for the SSLError -> TimeoutError mapping to work on obscure releases of Python 2.7.
* Fixed a potential error handling bug for the SSLError ->
TimeoutError mapping introduced in 3.3.9.
* Mapped Python 2.7 SSLError to TimeoutError where
appropriate. Timeouts should now consistently raise TimeoutErrors
on Python 2.7 for both unsecured and secured connections.
* Fixed MONITOR parsing to properly parse IPv6 client addresses
* Fixed a regression introduced in 3.3.0
* Resolve a race condition with the PubSubWorkerThread.
* Response callbacks are now case insensitive.
* Added support for hiredis-py 1.0.0 encoding error support.
* Add READONLY and READWRITE commands.
* Added extensive health checks that keep the connections lively.
* Many more changes, see upstream changelog.
* Add missing build dependency setuptools
* Fix SentinelConnectionPool to work in multiprocess/forked environments
- Update to 3.2.0 (bsc#1131555)
* Added support for `select.poll` to test whether data can be read on a socket. This should allow for significantly
more connections to be used with pubsub.
* Attempt to guarentee that the ConnectionPool hands out healthy connections. Healthy connections are those that
have an established socket connection to the Redis server, are ready to accept a command and have no data
available to read.
* Use the socket.IPPROTO_TCP constant instead of socket.SOL_TCP. IPPROTO_TCP is available on
more interpreters (Jython for instance).
* Fixed a regression introduced in 3.0 that mishandles exceptions not derived from the base Exception class.
KeyboardInterrupt and gevent.timeout notable.
* Significant improvements to handing connections with forked processes. Parent and child processes no longer
trample on each others' connections.
* PythonParser no longer closes the associated connection's socket. The connection itself will close the socket.
* Connection URLs must have one of the following schemes: redis://, rediss://, unix://.
* Fixed an issue with retry_on_timeout logic that caused some TimeoutErrors to be retried.
* Added support for SNI for SSL.
* Fixed ConnectionPool repr for pools with no connections.
* Fixed GEOHASH to return a None value when specifying a place that doesn't exist on the server.
* Fixed XREADGROUP to return an empty dictionary for messages that have been deleted but still exist in the
unacknowledged queue.
* Added an owned method to Lock objects. owned returns a boolean indicating whether the current lock instance
still owns the lock.
* Allow lock.acquire() to accept an optional token argument. If provided, the token argument is used as the
unique value used to claim the lock.
* Added a reacquire method to Lock objects. reaquire attempts to renew the lock such that the timeout is
extended to the same value that the lock was initially acquired with.
* Stream names found within XREAD and XREADGROUP responses now properly respect the decode_responses flag.
* XPENDING_RANGE now requires the user the specify the min, max and count arguments.
Newer versions of Redis prevent count from being infinite so it's left to the user to specify these values
explicitly.
* ZADD now returns None when xx=True and incr=True and an element is specified that doesn't exist in
the sorted set. This matches what the server returns in this case.
* Added client_kill_filter that accepts various filters to identify and kill clients.
* Fixed a race condition that occurred when unsubscribing and resubscribing to the same channel or pattern
in rapid succession.
* Added a LockNotOwnedError that is raised when trying to extend or release a lock that is no longer owned.
This is a subclass of LockError so previous code should continue to work as expected.
* Fixed a bug in GEORADIUS that forced decoding of places without respecting the decode_responses option.
* add recommendation for python-hiredis
* Fixed regression with UnixDomainSocketConnection caused by 3.0.0.
* Fixed an issue with the new asynchronous flag on flushdb and flushall.
* Updated Lock.locked() method to indicate whether *any* process has acquired the lock, not just the
current one. This is in line with the behavior of threading.Lock.
- Update to version 3.0.0:
BACKWARDS INCOMPATIBLE CHANGES
* When using a Lock as a context manager and the lock fails to be acquired
a LockError is now raised. This prevents the code block inside the context manager from being executed
if the lock could not be acquired.
* Renamed LuaLock to Lock.
* Removed the pipeline based Lock implementation in favor of the LuaLock implementation.
* Only bytes, strings and numbers (ints, longs and floats) are acceptable
for keys and values. Previously redis-py attempted to cast other types
to str() and store the result. This caused must confusion and frustration
when passing boolean values (cast to 'True' and 'False') or None values
(cast to 'None'). It is now the user's responsibility to cast all
key names and values to bytes, strings or numbers before passing the value to redis-py.
* The StrictRedis class has been renamed to Redis. StrictRedis will
continue to exist as an alias of Redis for the forseeable future.
* The legacy Redis client class has been removed. It caused much confusion to users.
* ZINCRBY arguments 'value' and 'amount' have swapped order to match the
the Redis server. The new argument order is: keyname, amount, value.
* MGET no longer raises an error if zero keys are passed in. Instead an empty list is returned.
* MSET and MSETNX now require all keys/values to be specified in a single dictionary argument named mapping.
This was changed to allow for future options to these commands in the future.
* ZADD now requires all element names/scores be specified in a single
dictionary argument named mapping. This was required to allow the NX, XX, CH and INCR options to be specified.
OTHER CHANGES
* Added missing DECRBY command.
* CLUSTER INFO and CLUSTER NODES respones are now properly decoded to strings.
* Added a 'locked()' method to Lock objects. This method returns True if the lock has been acquired and owned
by the current process, otherwise False.
* EXISTS now supports multiple keys. It's return value is now the number of keys in the list that exist.
* Ensure all commands can accept key names as bytes. This fixes issues with BLPOP, BRPOP and SORT.
* All errors resulting from bad user input are raised as DataError exceptions. DataError is a subclass of
RedisError so this should be transparent to anyone previously catching these.
* Added support for NX, XX, CH and INCR options to ZADD
* Added support for the MIGRATE command
* Added support for the MEMORY USAGE and MEMORY PURGE commands.
* Added support for the 'asynchronous' argument to FLUSHDB and FLUSHALL commands.
* Added support for the BITFIELD command.
* Improved performance on pipeline requests with large chunks of data.
* Fixed test suite to not fail if another client is connected to the server the tests are running against.
* Added support for SWAPDB.
* Added support for all STREAM commands.
* SHUTDOWN now accepts the 'save' and 'nosave' arguments.
* Added support for ZPOPMAX, ZPOPMIN, BZPOPMAX, BZPOPMIN.
* Added support for the 'type' argument in CLIENT LIST.
* Added support for CLIENT PAUSE.
* Added support for CLIENT ID and CLIENT UNBLOCK.
* GEODIST now returns a None value when referencing a place that does not exist.
* Added a ping() method to pubsub objects.
* Fixed a bug with keys in the INFO dict that contained ':' symbols.
* ssl_cert_reqs now has a default value of 'required' by default. This should make connecting to a remote
Redis server over SSL more secure.
* max_connections is now a valid querystring argument for creating connection pools from URLs.
* Added the UNLINK command.
* Added socket_type option to Connection for configurability.
* Lock.do_acquire now atomically sets acquires the lock and sets the expire value via set(nx=True, px=timeout).
* Added 'count' argument to SPOP.
* Fixed an issue parsing client_list respones that contained an '='.
* Fix rounding issues with geolocation, it is not stable enought to produce pinpoint equal
results among 32bit platforms
* Run tests by launching redis server
* Require redis on runtime
redis:
- Update to version 6.0.8
(jsc#PM-1615, jsc#PM-1622, jsc#PM-1681, jsc#ECO-2867, jsc#PM-1547, jsc#CAPS-56, jsc#SLE-11578, jsc#SLE-12821)
* bug fixes when using with Sentinel
* bug fixes when using CONFIG REWRITE
* Remove THP warning when set to madvise
* Allow EXEC with read commands on readonly replica in cluster
* Add masters/replicas options to redis-cli --cluster call command
* CONFIG SET could hung the client when arrives during RDB/ROF loading
* LPOS command when RANK is greater than matches responded with broken protocol
* Add oom-score-adj configuration option to control Linux OOM killer
* Show IO threads statistics and status in INFO output
* Add optional tls verification mode (see tls-auth-clients)
* Fix crash when enabling CLIENT TRACKING with prefix
* EXEC always fails with EXECABORT and multi-state is cleared
* RESTORE ABSTTL won't store expired keys into the db
* redis-cli better handling of non-pritable key names
* TLS: Ignore client cert when tls-auth-clients off
* Tracking: fix invalidation message on flush
* Notify systemd on Sentinel startup
* Fix crash on a misuse of STRALGO
* Fix a few rare leaks (STRALGO error misuse, Sentinel)
* Fix a possible invalid access in defrag of scripts
* Add LPOS command to search in a list
* Use user+pass for MIGRATE in redis-cli and redis-benchmark in cluster mode
* redis-cli support TLS for --pipe, --rdb and --replica options
* TLS: Session caching configuration support
* Fix handling of speical chars in ACL LOAD
* Make Redis Cluster more robust about operation errors that may lead to two clusters to mix together
* Revert the sendfile() implementation of RDB transfer
* Fix TLS certificate loading for chained certificates
* Fix AOF rewirting of KEEPTTL SET option
* Fix MULTI/EXEC behavior during -BUSY script errors
* fix a severe replication bug introduced in Redis 6 by the 'meaningful offset' feature
* fix a crash introduced in 6.0.2
* fix to client side caching when keys are evicted from the tracking table but no notifications are sent
* add BR pkgconfig(libsystemd) for the rewritten systemd support and force building with it
* XCLAIM AOF/replicas propagation fixed.
* Client side caching: new NOLOOP option to avoid getting notified about changes performed by ourselves.
* ACL GENPASS now uses HMAC-SHA256 and have an optional 'bits' argument. It means you can use it as a general
purpose 'secure random strings' primitive!
* Cluster 'SLOTS' subcommand memory optimization.
* The LCS command is now a subcommand of STRALGO.
* Meaningful offset for replicas as well. More successful partial resynchronizations.
* Optimize memory usage of deferred replies.
* Faster CRC64 algorithm for faster RDB loading.
* XINFO STREAM FULL, a new subcommand to get the whole stream state.
* CLIENT KILL USER <username>.
* MIGRATE AUTH2 option, for ACL style authentication support.
* use libatomic also on ppc
* add hash file from redis-hashes and verify it during build
Patchnames
SUSE-2020-3291,SUSE-SLE-Module-Server-Applications-15-SP2-2020-3291
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Optional update for python-redis and redis", title: "Title of the patch", }, { category: "description", text: "This optional update for python-redis and redis provides the following fixes\n\npython-redis:\n\n- Update to version to 3.4.1 (jsc#ECO-2417)\n * Move the username argument in the Redis and Connection classes to the end of the argument list. \n This helps those poor souls that specify all their connection options as non-keyword arguments.\n * Prior to ACL support, redis-py ignored the username component of Connection URLs. With ACL \n support, usernames are no longer ignored and are used to authenticate against an ACL rule. \n Some cloud vendors with managed Redis instances (like Heroku) provide connection URLs with a\n username component pre-ACL that is not intended to be used. Sending that username to Redis \n servers < 6.0.0 results in an error. Attempt to detect this condition and retry the AUTH \n command with only the password such that authentication continues to work for these users.\n * Removed the __eq__ hooks to Redis and ConnectionPool that were added in 3.4.0. \n This ended up being a bad idea as two separate connection pools be considered equal yet \n manage a completely separate set of connections.\n * Allow empty pipelines to be executed if there are WATCHed keys. This is a convenient \n way to test if any of the watched keys changed without actually running any other commands. \n * Removed support for end of life Python 3.4.\n * Added support for all ACL commands in Redis 6. \n * Pipeline instances now always evaluate to True. Prior to this change,\n pipeline instances relied on __len__ for boolean evaluation which\n meant that pipelines with no commands on the stack would be considered False.\n * Client instances and Connection pools now support a 'client_name' argument. \n If supplied, all connections created will call CLIENT SETNAME as soon as the connection is opened. \n * Added the 'ssl_check_hostname' argument to specify whether SSL connections should require the \n server hostname to match the hostname specified in the SSL cert. By default 'ssl_check_hostname' \n is False for backwards compatibility. \n * Added support for the TYPE argument to SCAN. \n * Better thread and fork safety in ConnectionPool and BlockingConnectionPool. \n Added better locking to synchronize critical sections rather than relying on CPython-specific implementation \n details relating to atomic operations. Adjusted how the pools identify and deal with a fork. \n Added a ChildDeadlockedError exception that is raised by child processes in the very unlikely chance that \n a deadlock is encountered. \n * Further fix for the SSLError -> TimeoutError mapping to work on obscure releases of Python 2.7.\n * Fixed a potential error handling bug for the SSLError ->\n TimeoutError mapping introduced in 3.3.9.\n * Mapped Python 2.7 SSLError to TimeoutError where\n appropriate. Timeouts should now consistently raise TimeoutErrors\n on Python 2.7 for both unsecured and secured connections. \n * Fixed MONITOR parsing to properly parse IPv6 client addresses\n * Fixed a regression introduced in 3.3.0\n * Resolve a race condition with the PubSubWorkerThread.\n * Response callbacks are now case insensitive.\n * Added support for hiredis-py 1.0.0 encoding error support.\n * Add READONLY and READWRITE commands.\n * Added extensive health checks that keep the connections lively.\n * Many more changes, see upstream changelog.\n * Add missing build dependency setuptools\n * Fix SentinelConnectionPool to work in multiprocess/forked environments\n\n- Update to 3.2.0 (bsc#1131555)\n * Added support for `select.poll` to test whether data can be read on a socket. This should allow for significantly\n more connections to be used with pubsub. \n * Attempt to guarentee that the ConnectionPool hands out healthy connections. Healthy connections are those that \n have an established socket connection to the Redis server, are ready to accept a command and have no data \n available to read. \n * Use the socket.IPPROTO_TCP constant instead of socket.SOL_TCP. IPPROTO_TCP is available on \n more interpreters (Jython for instance).\n * Fixed a regression introduced in 3.0 that mishandles exceptions not derived from the base Exception class. \n KeyboardInterrupt and gevent.timeout notable. \n * Significant improvements to handing connections with forked processes. Parent and child processes no longer \n trample on each others' connections.\n * PythonParser no longer closes the associated connection's socket. The connection itself will close the socket.\n * Connection URLs must have one of the following schemes: redis://, rediss://, unix://. \n * Fixed an issue with retry_on_timeout logic that caused some TimeoutErrors to be retried. \n * Added support for SNI for SSL. \n * Fixed ConnectionPool repr for pools with no connections. \n * Fixed GEOHASH to return a None value when specifying a place that doesn't exist on the server. \n * Fixed XREADGROUP to return an empty dictionary for messages that have been deleted but still exist in the \n unacknowledged queue. \n * Added an owned method to Lock objects. owned returns a boolean indicating whether the current lock instance \n still owns the lock.\n * Allow lock.acquire() to accept an optional token argument. If provided, the token argument is used as the \n unique value used to claim the lock. \n * Added a reacquire method to Lock objects. reaquire attempts to renew the lock such that the timeout is \n extended to the same value that the lock was initially acquired with. \n * Stream names found within XREAD and XREADGROUP responses now properly respect the decode_responses flag.\n * XPENDING_RANGE now requires the user the specify the min, max and count arguments. \n Newer versions of Redis prevent count from being infinite so it's left to the user to specify these values \n explicitly.\n * ZADD now returns None when xx=True and incr=True and an element is specified that doesn't exist in \n the sorted set. This matches what the server returns in this case. \n * Added client_kill_filter that accepts various filters to identify and kill clients. \n * Fixed a race condition that occurred when unsubscribing and resubscribing to the same channel or pattern\n in rapid succession.\n * Added a LockNotOwnedError that is raised when trying to extend or release a lock that is no longer owned. \n This is a subclass of LockError so previous code should continue to work as expected. \n * Fixed a bug in GEORADIUS that forced decoding of places without respecting the decode_responses option. \n * add recommendation for python-hiredis\n * Fixed regression with UnixDomainSocketConnection caused by 3.0.0.\n * Fixed an issue with the new asynchronous flag on flushdb and flushall.\n * Updated Lock.locked() method to indicate whether *any* process has acquired the lock, not just the \n current one. This is in line with the behavior of threading.Lock. \n\n- Update to version 3.0.0:\n BACKWARDS INCOMPATIBLE CHANGES\n * When using a Lock as a context manager and the lock fails to be acquired\n a LockError is now raised. This prevents the code block inside the context manager from being executed \n if the lock could not be acquired.\n * Renamed LuaLock to Lock.\n * Removed the pipeline based Lock implementation in favor of the LuaLock implementation.\n * Only bytes, strings and numbers (ints, longs and floats) are acceptable\n for keys and values. Previously redis-py attempted to cast other types\n to str() and store the result. This caused must confusion and frustration\n when passing boolean values (cast to 'True' and 'False') or None values\n (cast to 'None'). It is now the user's responsibility to cast all\n key names and values to bytes, strings or numbers before passing the value to redis-py.\n * The StrictRedis class has been renamed to Redis. StrictRedis will\n continue to exist as an alias of Redis for the forseeable future.\n * The legacy Redis client class has been removed. It caused much confusion to users.\n * ZINCRBY arguments 'value' and 'amount' have swapped order to match the\n the Redis server. The new argument order is: keyname, amount, value.\n * MGET no longer raises an error if zero keys are passed in. Instead an empty list is returned.\n * MSET and MSETNX now require all keys/values to be specified in a single dictionary argument named mapping. \n This was changed to allow for future options to these commands in the future.\n * ZADD now requires all element names/scores be specified in a single\n dictionary argument named mapping. This was required to allow the NX, XX, CH and INCR options to be specified.\n OTHER CHANGES\n * Added missing DECRBY command.\n * CLUSTER INFO and CLUSTER NODES respones are now properly decoded to strings.\n * Added a 'locked()' method to Lock objects. This method returns True if the lock has been acquired and owned \n by the current process, otherwise False.\n * EXISTS now supports multiple keys. It's return value is now the number of keys in the list that exist.\n * Ensure all commands can accept key names as bytes. This fixes issues with BLPOP, BRPOP and SORT.\n * All errors resulting from bad user input are raised as DataError exceptions. DataError is a subclass of \n RedisError so this should be transparent to anyone previously catching these.\n * Added support for NX, XX, CH and INCR options to ZADD\n * Added support for the MIGRATE command\n * Added support for the MEMORY USAGE and MEMORY PURGE commands. \n * Added support for the 'asynchronous' argument to FLUSHDB and FLUSHALL commands. \n * Added support for the BITFIELD command. \n * Improved performance on pipeline requests with large chunks of data.\n * Fixed test suite to not fail if another client is connected to the server the tests are running against.\n * Added support for SWAPDB.\n * Added support for all STREAM commands.\n * SHUTDOWN now accepts the 'save' and 'nosave' arguments. \n * Added support for ZPOPMAX, ZPOPMIN, BZPOPMAX, BZPOPMIN. \n * Added support for the 'type' argument in CLIENT LIST.\n * Added support for CLIENT PAUSE. \n * Added support for CLIENT ID and CLIENT UNBLOCK. \n * GEODIST now returns a None value when referencing a place that does not exist. \n * Added a ping() method to pubsub objects. \n * Fixed a bug with keys in the INFO dict that contained ':' symbols.\n * ssl_cert_reqs now has a default value of 'required' by default. This should make connecting to a remote \n Redis server over SSL more secure.\n * max_connections is now a valid querystring argument for creating connection pools from URLs. \n * Added the UNLINK command.\n * Added socket_type option to Connection for configurability.\n * Lock.do_acquire now atomically sets acquires the lock and sets the expire value via set(nx=True, px=timeout).\n * Added 'count' argument to SPOP.\n * Fixed an issue parsing client_list respones that contained an '='.\n * Fix rounding issues with geolocation, it is not stable enought to produce pinpoint equal \n results among 32bit platforms\n * Run tests by launching redis server\n * Require redis on runtime\n\nredis:\n\n- Update to version 6.0.8 \n (jsc#PM-1615, jsc#PM-1622, jsc#PM-1681, jsc#ECO-2867, jsc#PM-1547, jsc#CAPS-56, jsc#SLE-11578, jsc#SLE-12821)\n * bug fixes when using with Sentinel\n * bug fixes when using CONFIG REWRITE\n * Remove THP warning when set to madvise\n * Allow EXEC with read commands on readonly replica in cluster\n * Add masters/replicas options to redis-cli --cluster call command\n * CONFIG SET could hung the client when arrives during RDB/ROF loading\n * LPOS command when RANK is greater than matches responded with broken protocol\n * Add oom-score-adj configuration option to control Linux OOM killer\n * Show IO threads statistics and status in INFO output \n * Add optional tls verification mode (see tls-auth-clients)\n * Fix crash when enabling CLIENT TRACKING with prefix\n * EXEC always fails with EXECABORT and multi-state is cleared\n * RESTORE ABSTTL won't store expired keys into the db\n * redis-cli better handling of non-pritable key names\n * TLS: Ignore client cert when tls-auth-clients off\n * Tracking: fix invalidation message on flush\n * Notify systemd on Sentinel startup\n * Fix crash on a misuse of STRALGO\n * Fix a few rare leaks (STRALGO error misuse, Sentinel)\n * Fix a possible invalid access in defrag of scripts\n * Add LPOS command to search in a list\n * Use user+pass for MIGRATE in redis-cli and redis-benchmark in cluster mode\n * redis-cli support TLS for --pipe, --rdb and --replica options\n * TLS: Session caching configuration support\n * Fix handling of speical chars in ACL LOAD\n * Make Redis Cluster more robust about operation errors that may lead to two clusters to mix together\n * Revert the sendfile() implementation of RDB transfer\n * Fix TLS certificate loading for chained certificates\n * Fix AOF rewirting of KEEPTTL SET option\n * Fix MULTI/EXEC behavior during -BUSY script errors\n * fix a severe replication bug introduced in Redis 6 by the 'meaningful offset' feature\n * fix a crash introduced in 6.0.2\n * fix to client side caching when keys are evicted from the tracking table but no notifications are sent\n * add BR pkgconfig(libsystemd) for the rewritten systemd support and force building with it\n * XCLAIM AOF/replicas propagation fixed.\n * Client side caching: new NOLOOP option to avoid getting notified about changes performed by ourselves.\n * ACL GENPASS now uses HMAC-SHA256 and have an optional 'bits' argument. It means you can use it as a general \n purpose 'secure random strings' primitive!\n * Cluster 'SLOTS' subcommand memory optimization.\n * The LCS command is now a subcommand of STRALGO.\n * Meaningful offset for replicas as well. More successful partial resynchronizations.\n * Optimize memory usage of deferred replies.\n * Faster CRC64 algorithm for faster RDB loading.\n * XINFO STREAM FULL, a new subcommand to get the whole stream state.\n * CLIENT KILL USER <username>.\n * MIGRATE AUTH2 option, for ACL style authentication support.\n * use libatomic also on ppc\n * add hash file from redis-hashes and verify it during build\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3291,SUSE-SLE-Module-Server-Applications-15-SP2-2020-3291", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-ou-2020_3291-1.json", }, { category: "self", summary: "URL for SUSE-OU-2020:3291-1", url: "https://www.suse.com/support/update/announcement//suse-ou-20203291-1/", }, { category: "self", summary: "E-Mail link for SUSE-OU-2020:3291-1", url: "https://lists.suse.com/pipermail/sle-updates/2020-November/016846.html", }, { category: "self", summary: "SUSE Bug 1002351", url: "https://bugzilla.suse.com/1002351", }, { category: "self", summary: "SUSE Bug 1047218", url: "https://bugzilla.suse.com/1047218", }, { category: "self", summary: "SUSE Bug 1061967", url: "https://bugzilla.suse.com/1061967", }, { category: "self", summary: "SUSE Bug 1064980", url: "https://bugzilla.suse.com/1064980", }, { category: "self", summary: "SUSE Bug 1097430", url: "https://bugzilla.suse.com/1097430", }, { category: "self", summary: "SUSE Bug 1131555", url: "https://bugzilla.suse.com/1131555", }, { category: "self", summary: "SUSE Bug 798455", url: "https://bugzilla.suse.com/798455", }, { category: "self", summary: "SUSE Bug 835815", url: "https://bugzilla.suse.com/835815", }, { category: "self", summary: "SUSE Bug 991250", url: "https://bugzilla.suse.com/991250", }, { category: "self", summary: "SUSE CVE CVE-2013-7458 page", url: "https://www.suse.com/security/cve/CVE-2013-7458/", }, { category: "self", summary: "SUSE CVE CVE-2015-8080 page", url: "https://www.suse.com/security/cve/CVE-2015-8080/", }, { category: "self", summary: "SUSE CVE CVE-2016-10517 page", url: "https://www.suse.com/security/cve/CVE-2016-10517/", }, { category: "self", summary: "SUSE CVE CVE-2016-8339 page", url: "https://www.suse.com/security/cve/CVE-2016-8339/", }, { category: "self", summary: "SUSE CVE CVE-2017-15047 page", url: "https://www.suse.com/security/cve/CVE-2017-15047/", }, { category: "self", summary: "SUSE CVE CVE-2018-11218 page", url: "https://www.suse.com/security/cve/CVE-2018-11218/", }, { category: "self", summary: "SUSE CVE CVE-2018-11219 page", url: "https://www.suse.com/security/cve/CVE-2018-11219/", }, ], title: "Optional update for python-redis and redis", tracking: { current_release_date: "2020-11-11T11:26:43Z", generator: { date: "2020-11-11T11:26:43Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-OU-2020:3291-1", initial_release_date: "2020-11-11T11:26:43Z", revision_history: [ { date: "2020-11-11T11:26:43Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "redis-6.0.8-1.3.1.aarch64", product: { name: "redis-6.0.8-1.3.1.aarch64", product_id: "redis-6.0.8-1.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "redis-6.0.8-1.3.1.i586", product: { name: "redis-6.0.8-1.3.1.i586", product_id: "redis-6.0.8-1.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "python2-redis-3.4.1-3.3.1.noarch", product: { name: "python2-redis-3.4.1-3.3.1.noarch", product_id: "python2-redis-3.4.1-3.3.1.noarch", }, }, { category: "product_version", name: "python3-redis-3.4.1-3.3.1.noarch", product: { name: "python3-redis-3.4.1-3.3.1.noarch", product_id: "python3-redis-3.4.1-3.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "redis-6.0.8-1.3.1.ppc64le", product: { name: "redis-6.0.8-1.3.1.ppc64le", product_id: "redis-6.0.8-1.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "redis-6.0.8-1.3.1.s390x", product: { name: "redis-6.0.8-1.3.1.s390x", product_id: "redis-6.0.8-1.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "redis-6.0.8-1.3.1.x86_64", product: { name: "redis-6.0.8-1.3.1.x86_64", product_id: "redis-6.0.8-1.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Server Applications 15 SP2", product: { name: "SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-server-applications:15:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "redis-6.0.8-1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", }, product_reference: "redis-6.0.8-1.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "redis-6.0.8-1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", }, product_reference: "redis-6.0.8-1.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "redis-6.0.8-1.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", }, product_reference: "redis-6.0.8-1.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "redis-6.0.8-1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", }, product_reference: "redis-6.0.8-1.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2013-7458", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7458", }, ], notes: [ { category: "general", text: "linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7458", url: "https://www.suse.com/security/cve/CVE-2013-7458", }, { category: "external", summary: "SUSE Bug 991250 for CVE-2013-7458", url: "https://bugzilla.suse.com/991250", }, { category: "external", summary: "SUSE Bug 991387 for CVE-2013-7458", url: "https://bugzilla.suse.com/991387", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-11T11:26:43Z", details: "low", }, ], title: "CVE-2013-7458", }, { cve: "CVE-2015-8080", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8080", }, ], notes: [ { category: "general", text: "Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8080", url: "https://www.suse.com/security/cve/CVE-2015-8080", }, { category: "external", summary: "SUSE Bug 1173018 for CVE-2015-8080", url: "https://bugzilla.suse.com/1173018", }, { category: "external", summary: "SUSE Bug 954199 for CVE-2015-8080", url: "https://bugzilla.suse.com/954199", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-11T11:26:43Z", details: "important", }, ], title: "CVE-2015-8080", }, { cve: "CVE-2016-10517", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10517", }, ], notes: [ { category: "general", text: "networking.c in Redis before 3.2.7 allows \"Cross Protocol Scripting\" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10517", url: "https://www.suse.com/security/cve/CVE-2016-10517", }, { category: "external", summary: "SUSE Bug 1064980 for CVE-2016-10517", url: "https://bugzilla.suse.com/1064980", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-11T11:26:43Z", details: "important", }, ], title: "CVE-2016-10517", }, { cve: "CVE-2016-8339", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-8339", }, ], notes: [ { category: "general", text: "A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-8339", url: "https://www.suse.com/security/cve/CVE-2016-8339", }, { category: "external", summary: "SUSE Bug 1002351 for CVE-2016-8339", url: "https://bugzilla.suse.com/1002351", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-11T11:26:43Z", details: "critical", }, ], title: "CVE-2016-8339", }, { cve: "CVE-2017-15047", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15047", }, ], notes: [ { category: "general", text: "The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging \"limited access to the machine.\"", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15047", url: "https://www.suse.com/security/cve/CVE-2017-15047", }, { category: "external", summary: "SUSE Bug 1061967 for CVE-2017-15047", url: "https://bugzilla.suse.com/1061967", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-11T11:26:43Z", details: "critical", }, ], title: "CVE-2017-15047", }, { cve: "CVE-2018-11218", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11218", }, ], notes: [ { category: "general", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11218", url: "https://www.suse.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "SUSE Bug 1097430 for CVE-2018-11218", url: "https://bugzilla.suse.com/1097430", }, { category: "external", summary: "SUSE Bug 1097768 for CVE-2018-11218", url: "https://bugzilla.suse.com/1097768", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-11T11:26:43Z", details: "critical", }, ], title: "CVE-2018-11218", }, { cve: "CVE-2018-11219", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11219", }, ], notes: [ { category: "general", text: "An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11219", url: "https://www.suse.com/security/cve/CVE-2018-11219", }, { category: "external", summary: "SUSE Bug 1097430 for CVE-2018-11219", url: "https://bugzilla.suse.com/1097430", }, { category: "external", summary: "SUSE Bug 1097768 for CVE-2018-11219", url: "https://bugzilla.suse.com/1097768", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:redis-6.0.8-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-11T11:26:43Z", details: "critical", }, ], title: "CVE-2018-11219", }, ], }
ICSMA-21-187-01
Vulnerability from csaf_cisa
Published
2021-07-06 00:00
Modified
2022-04-05 00:00
Summary
Philips Vue PACS (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an unauthorized person or process to eavesdrop, view or modify data, gain system access, perform code execution, install unauthorized software, or affect system data integrity in such a way as to negatively impact the confidentiality, integrity, or availability of the system.
Critical infrastructure sectors
Healthcare and Public Health
Countries/areas deployed
Worldwide
Company headquarters location
Netherlands
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { names: [ "Antonio Kulhanek", ], summary: "reporting CVE-2021-39369 to Philips", }, { organization: "Philips", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an unauthorized person or process to eavesdrop, view or modify data, gain system access, perform code execution, install unauthorized software, or affect system data integrity in such a way as to negatively impact the confidentiality, integrity, or availability of the system.", title: "Risk evaluation", }, { category: "other", text: "Healthcare and Public Health", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Netherlands", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSMA-21-187-01 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsma-21-187-01.json", }, { category: "self", summary: "ICS Advisory ICSMA-21-187-01 Web Version", url: "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-21-187-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Philips Vue PACS (Update B)", tracking: { current_release_date: "2022-04-05T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSMA-21-187-01", initial_release_date: "2021-07-06T00:00:00.000000Z", revision_history: [ { date: "2021-07-06T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSMA-21-187-01 Philips Vue PACS", }, { date: "2022-01-20T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSMA-21-187-01 Philips Vue PACS (Update A)", }, { date: "2022-04-05T00:00:00.000000Z", legacy_version: "B", number: "3", summary: "ICSMA-21-187-01 Philips Vue PACS (Update B)", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<= 12.2.x.x", product: { name: "Vue PACS: Versions 12.2.x.x and prior", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "Vue PACS", }, { branches: [ { category: "product_version_range", name: "<= 12.2.1.5", product: { name: "Vue Motion: Versions 12.2.1.5 and prior", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "Vue Motion", }, { branches: [ { category: "product_version_range", name: "<= 12.2.x.x", product: { name: "Vue MyVue: Versions 12.2.x.x and prior", product_id: "CSAFPID-0003", }, }, ], category: "product_name", name: "Vue MyVue", }, { branches: [ { category: "product_version_range", name: "<= 12.2.x.x", product: { name: "Vue Speech: Versions 12.2.x.x and prior", product_id: "CSAFPID-0004", }, }, ], category: "product_name", name: "Vue Speech", }, ], category: "vendor", name: "Philips", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1938", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. CVE-2020-1938 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2020-1938", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2018-12326", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. This vulnerability exists within a third party software component (Redis). CVE-2018-12326 and CVE-2018-11218 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2018-11218", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. This vulnerability exists within a third party software component (Redis). CVE-2020-4670 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2020-4670", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2020-4670", cwe: { id: "CWE-1188", name: "Initialization of a Resource with an Insecure Default", }, notes: [ { category: "summary", text: "The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure. CVE-2018-8014 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2018-8014", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2018-8014", cwe: { id: "CWE-324", name: "Use of a Key Past its Expiration Date", }, notes: [ { category: "summary", text: "The product uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key. CVE-2021-33020 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-33020", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-33020", cwe: { id: "CWE-665", name: "Improper Initialization", }, notes: [ { category: "summary", text: "The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used. This vulnerability exists within a third party software component (7-Zip). CVE-2018-10115 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2018-10115", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2018-10115", cwe: { id: "CWE-710", name: "Improper Adherence to Coding Standards", }, notes: [ { category: "summary", text: "The software does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities. CVE-2021-27501 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-27501", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-27501", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information. CVE-2021-33018 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-33018", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-33018", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, notes: [ { category: "summary", text: "The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. CVE-2021-27497 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-27497", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-27497", cwe: { id: "CWE-354", name: "Improper Validation of Integrity Check Value", }, notes: [ { category: "summary", text: "Weaknesses in this category is related to a software system's data integrity components. This vulnerability exists within a third party software component (Oracle Database). CVE-2012-1708 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2012-1708", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2012-1708", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in an output used as a webpage that is served to other users. CVE-2015-9251 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2015-9251", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2015-9251", cwe: { id: "CWE-707", name: "Improper Neutralization", }, notes: [ { category: "summary", text: "The product does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstream component. CVE-2021-27493 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-27493", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-27493", cwe: { id: "CWE-176", name: "Improper Handling of Unicode Encoding", }, notes: [ { category: "summary", text: "The software does not properly handle when an input contains Unicode encoding. CVE-2019-9636 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2019-9636", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2019-9636", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "The product transmits or stores authentication credentials, but it uses an insecure method susceptible to unauthorized interception and/or retrieval. CVE-2021-33024 has been assigned to this vulnerability. A CVSS v3 base score of 3.7 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-33024", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-33024", cwe: { id: "CWE-319", name: "Cleartext Transmission of Sensitive Information", }, notes: [ { category: "summary", text: "The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. CVE-2021-33022 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-33022", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-33022", cwe: { id: "CWE-23", name: "Relative Path Traversal", }, notes: [ { category: "summary", text: "The VideoStream function allows authenticated users access to files stored outside the web root. CVE-2021-39369 has been assigned to this vulnerability. A CVSS v3 base score of 2.7 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-39369", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 2.7, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, ], }
icsma-21-187-01
Vulnerability from csaf_cisa
Published
2021-07-06 00:00
Modified
2022-04-05 00:00
Summary
Philips Vue PACS (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an unauthorized person or process to eavesdrop, view or modify data, gain system access, perform code execution, install unauthorized software, or affect system data integrity in such a way as to negatively impact the confidentiality, integrity, or availability of the system.
Critical infrastructure sectors
Healthcare and Public Health
Countries/areas deployed
Worldwide
Company headquarters location
Netherlands
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { names: [ "Antonio Kulhanek", ], summary: "reporting CVE-2021-39369 to Philips", }, { organization: "Philips", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an unauthorized person or process to eavesdrop, view or modify data, gain system access, perform code execution, install unauthorized software, or affect system data integrity in such a way as to negatively impact the confidentiality, integrity, or availability of the system.", title: "Risk evaluation", }, { category: "other", text: "Healthcare and Public Health", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Netherlands", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSMA-21-187-01 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsma-21-187-01.json", }, { category: "self", summary: "ICS Advisory ICSMA-21-187-01 Web Version", url: "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-21-187-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Philips Vue PACS (Update B)", tracking: { current_release_date: "2022-04-05T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSMA-21-187-01", initial_release_date: "2021-07-06T00:00:00.000000Z", revision_history: [ { date: "2021-07-06T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSMA-21-187-01 Philips Vue PACS", }, { date: "2022-01-20T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSMA-21-187-01 Philips Vue PACS (Update A)", }, { date: "2022-04-05T00:00:00.000000Z", legacy_version: "B", number: "3", summary: "ICSMA-21-187-01 Philips Vue PACS (Update B)", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<= 12.2.x.x", product: { name: "Vue PACS: Versions 12.2.x.x and prior", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "Vue PACS", }, { branches: [ { category: "product_version_range", name: "<= 12.2.1.5", product: { name: "Vue Motion: Versions 12.2.1.5 and prior", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "Vue Motion", }, { branches: [ { category: "product_version_range", name: "<= 12.2.x.x", product: { name: "Vue MyVue: Versions 12.2.x.x and prior", product_id: "CSAFPID-0003", }, }, ], category: "product_name", name: "Vue MyVue", }, { branches: [ { category: "product_version_range", name: "<= 12.2.x.x", product: { name: "Vue Speech: Versions 12.2.x.x and prior", product_id: "CSAFPID-0004", }, }, ], category: "product_name", name: "Vue Speech", }, ], category: "vendor", name: "Philips", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1938", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. CVE-2020-1938 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2020-1938", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2018-12326", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. This vulnerability exists within a third party software component (Redis). CVE-2018-12326 and CVE-2018-11218 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2018-12326", }, { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2018-11218", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2018-11218", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. This vulnerability exists within a third party software component (Redis). CVE-2020-4670 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2020-4670", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2020-4670", cwe: { id: "CWE-1188", name: "Initialization of a Resource with an Insecure Default", }, notes: [ { category: "summary", text: "The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure. CVE-2018-8014 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2018-8014", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2018-8014", cwe: { id: "CWE-324", name: "Use of a Key Past its Expiration Date", }, notes: [ { category: "summary", text: "The product uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key. CVE-2021-33020 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-33020", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-33020", cwe: { id: "CWE-665", name: "Improper Initialization", }, notes: [ { category: "summary", text: "The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used. This vulnerability exists within a third party software component (7-Zip). CVE-2018-10115 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2018-10115", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2018-10115", cwe: { id: "CWE-710", name: "Improper Adherence to Coding Standards", }, notes: [ { category: "summary", text: "The software does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities. CVE-2021-27501 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-27501", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-27501", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information. CVE-2021-33018 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-33018", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-33018", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, notes: [ { category: "summary", text: "The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. CVE-2021-27497 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-27497", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-27497", cwe: { id: "CWE-354", name: "Improper Validation of Integrity Check Value", }, notes: [ { category: "summary", text: "Weaknesses in this category is related to a software system's data integrity components. This vulnerability exists within a third party software component (Oracle Database). CVE-2012-1708 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2012-1708", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2012-1708", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in an output used as a webpage that is served to other users. CVE-2015-9251 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2015-9251", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2015-9251", cwe: { id: "CWE-707", name: "Improper Neutralization", }, notes: [ { category: "summary", text: "The product does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstream component. CVE-2021-27493 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-27493", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-27493", cwe: { id: "CWE-176", name: "Improper Handling of Unicode Encoding", }, notes: [ { category: "summary", text: "The software does not properly handle when an input contains Unicode encoding. CVE-2019-9636 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2019-9636", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2019-9636", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "The product transmits or stores authentication credentials, but it uses an insecure method susceptible to unauthorized interception and/or retrieval. CVE-2021-33024 has been assigned to this vulnerability. A CVSS v3 base score of 3.7 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-33024", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-33024", cwe: { id: "CWE-319", name: "Cleartext Transmission of Sensitive Information", }, notes: [ { category: "summary", text: "The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. CVE-2021-33022 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-33022", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, { cve: "CVE-2021-33022", cwe: { id: "CWE-23", name: "Relative Path Traversal", }, notes: [ { category: "summary", text: "The VideoStream function allows authenticated users access to files stored outside the web root. CVE-2021-39369 has been assigned to this vulnerability. A CVSS v3 base score of 2.7 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, references: [ { category: "external", summary: "www.cve.org", url: "https://www.cve.org/CVERecord?id=CVE-2021-39369", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Philips recommends configuring the Vue PACS environment per D000763414 - Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter.", product_ids: [ "CSAFPID-0001", ], url: "https://incenter.medical.philips.com/", }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for MyVue that remediates CWE-693 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.1.5 in June of 2020 for Vue Motion that remediates CWE-324 and recommends contacting support below.", product_ids: [ "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for Speech that remediates CWE-693, CWE-319, CWE-119, CWE-287, and CWE-1214 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.0 in May of 2021 for PACS that remediates CWE-20, CWE-119, CWE-287 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips released a security fix for Speech in Nov 2021 that remediates CWE-665 and CWE-327 and recommends contacting support below.", product_ids: [ "CSAFPID-0004", ], }, { category: "vendor_fix", details: "Philips released version 12.2.1.6 in December 2021 for VuePAC (WFM), Vue Motion (Enterprise Viewer), Vue Explorer, and Web System Configuration that remediates CWE-23.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for MyVue that remediates CWE-665 and CWE-710 and recommends contacting support below.", product_ids: [ "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Philips released Version 12.2.8.100 in Q1 / 2022 for PACS that remediates CWE-79, CWE-693, CWE-665, CWE-1188, CWE-327, CWE-176, CWE-522, CWE-710, and CWE-707 and recommends contacting support below.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Philips will release a fix for PACS that remediates CWE-522 with low score of 3.7 in Q3 2023.", product_ids: [ "CSAFPID-0001", ], }, { category: "vendor_fix", details: "Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://eservice.philips.com/Account/Login?returnUrl=%2F", }, { category: "vendor_fix", details: "The Philips advisory is available.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "http://www.philips.com/productsecurity", }, { category: "vendor_fix", details: "Please see the Philips product security website for the latest security information for Philips products.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], url: "https://www.philips.com/productsecurity", }, ], scores: [ { cvss_v3: { baseScore: 2.7, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", ], }, ], }, ], }
ghsa-84mm-87vg-44q4
Vulnerability from github
Published
2022-05-13 01:07
Modified
2022-05-13 01:07
Severity ?
Details
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
{ affected: [], aliases: [ "CVE-2018-11218", ], database_specific: { cwe_ids: [ "CWE-787", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2018-06-17T17:29:00Z", severity: "CRITICAL", }, details: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", id: "GHSA-84mm-87vg-44q4", modified: "2022-05-13T01:07:35Z", published: "2022-05-13T01:07:35Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11218", }, { type: "WEB", url: "https://github.com/antirez/redis/issues/5017", }, { type: "WEB", url: "https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3", }, { type: "WEB", url: "https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2019:0052", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2019:0094", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2019:1860", }, { type: "WEB", url: "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", }, { type: "WEB", url: "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", }, { type: "WEB", url: "https://security.gentoo.org/glsa/201908-04", }, { type: "WEB", url: "https://www.debian.org/security/2018/dsa-4230", }, { type: "WEB", url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", }, { type: "WEB", url: "http://antirez.com/news/119", }, { type: "WEB", url: "http://www.securityfocus.com/bid/104553", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
opensuse-su-2024:11299-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
redis-6.2.5-1.2 on GA media
Notes
Title of the patch
redis-6.2.5-1.2 on GA media
Description of the patch
These are all security issues fixed in the redis-6.2.5-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11299
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "redis-6.2.5-1.2 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the redis-6.2.5-1.2 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-11299", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11299-1.json", }, { category: "self", summary: "SUSE CVE CVE-2015-8080 page", url: "https://www.suse.com/security/cve/CVE-2015-8080/", }, { category: "self", summary: "SUSE CVE CVE-2016-10517 page", url: "https://www.suse.com/security/cve/CVE-2016-10517/", }, { category: "self", summary: "SUSE CVE CVE-2017-15047 page", url: "https://www.suse.com/security/cve/CVE-2017-15047/", }, { category: "self", summary: "SUSE CVE CVE-2018-11218 page", url: "https://www.suse.com/security/cve/CVE-2018-11218/", }, { category: "self", summary: "SUSE CVE CVE-2021-21309 page", url: "https://www.suse.com/security/cve/CVE-2021-21309/", }, { category: "self", summary: "SUSE CVE CVE-2021-29477 page", url: "https://www.suse.com/security/cve/CVE-2021-29477/", }, { category: "self", summary: "SUSE CVE CVE-2021-29478 page", url: "https://www.suse.com/security/cve/CVE-2021-29478/", }, { category: "self", summary: "SUSE CVE CVE-2021-32625 page", url: "https://www.suse.com/security/cve/CVE-2021-32625/", }, { category: "self", summary: "SUSE CVE CVE-2021-32761 page", url: "https://www.suse.com/security/cve/CVE-2021-32761/", }, ], title: "redis-6.2.5-1.2 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:11299-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "redis-6.2.5-1.2.aarch64", product: { name: "redis-6.2.5-1.2.aarch64", product_id: "redis-6.2.5-1.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "redis-6.2.5-1.2.ppc64le", product: { name: "redis-6.2.5-1.2.ppc64le", product_id: "redis-6.2.5-1.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "redis-6.2.5-1.2.s390x", product: { name: "redis-6.2.5-1.2.s390x", product_id: "redis-6.2.5-1.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "redis-6.2.5-1.2.x86_64", product: { name: "redis-6.2.5-1.2.x86_64", product_id: "redis-6.2.5-1.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "redis-6.2.5-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", }, product_reference: "redis-6.2.5-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "redis-6.2.5-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", }, product_reference: "redis-6.2.5-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "redis-6.2.5-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", }, product_reference: "redis-6.2.5-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "redis-6.2.5-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", }, product_reference: "redis-6.2.5-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2015-8080", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8080", }, ], notes: [ { category: "general", text: "Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8080", url: "https://www.suse.com/security/cve/CVE-2015-8080", }, { category: "external", summary: "SUSE Bug 1173018 for CVE-2015-8080", url: "https://bugzilla.suse.com/1173018", }, { category: "external", summary: "SUSE Bug 954199 for CVE-2015-8080", url: "https://bugzilla.suse.com/954199", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2015-8080", }, { cve: "CVE-2016-10517", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10517", }, ], notes: [ { category: "general", text: "networking.c in Redis before 3.2.7 allows \"Cross Protocol Scripting\" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10517", url: "https://www.suse.com/security/cve/CVE-2016-10517", }, { category: "external", summary: "SUSE Bug 1064980 for CVE-2016-10517", url: "https://bugzilla.suse.com/1064980", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-10517", }, { cve: "CVE-2017-15047", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15047", }, ], notes: [ { category: "general", text: "The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging \"limited access to the machine.\"", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15047", url: "https://www.suse.com/security/cve/CVE-2017-15047", }, { category: "external", summary: "SUSE Bug 1061967 for CVE-2017-15047", url: "https://bugzilla.suse.com/1061967", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2017-15047", }, { cve: "CVE-2018-11218", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11218", }, ], notes: [ { category: "general", text: "Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11218", url: "https://www.suse.com/security/cve/CVE-2018-11218", }, { category: "external", summary: "SUSE Bug 1097430 for CVE-2018-11218", url: "https://bugzilla.suse.com/1097430", }, { category: "external", summary: "SUSE Bug 1097768 for CVE-2018-11218", url: "https://bugzilla.suse.com/1097768", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2018-11218", }, { cve: "CVE-2021-21309", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-21309", }, ], notes: [ { category: "general", text: "Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with remote code execution. Redis 4.0 or newer uses a configurable limit for the maximum supported bulk input size. By default, it is 512MB which is a safe value for all platforms. If the limit is significantly increased, receiving a large request from a client may trigger several integer overflow scenarios, which would result with buffer overflow and heap corruption. We believe this could in certain conditions be exploited for remote code execution. By default, authenticated Redis users have access to all configuration parameters and can therefore use the \"CONFIG SET proto-max-bulk-len\" to change the safe default, making the system vulnerable. **This problem only affects 32-bit Redis (on a 32-bit system, or as a 32-bit executable running on a 64-bit system).** The problem is fixed in version 6.2, and the fix is back ported to 6.0.11 and 5.0.11. Make sure you use one of these versions if you are running 32-bit Redis. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent clients from directly executing `CONFIG SET`: Using Redis 6.0 or newer, ACL configuration can be used to block the command. Using older versions, the `rename-command` configuration directive can be used to rename the command to a random string unknown to users, rendering it inaccessible. Please note that this workaround may have an additional impact on users or operational systems that expect `CONFIG SET` to behave in certain ways.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-21309", url: "https://www.suse.com/security/cve/CVE-2021-21309", }, { category: "external", summary: "SUSE Bug 1182657 for CVE-2021-21309", url: "https://bugzilla.suse.com/1182657", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-21309", }, { cve: "CVE-2021-29477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-29477", }, ], notes: [ { category: "general", text: "Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the `STRALGO LCS` command to corrupt the heap and potentially result with remote code execution. The problem is fixed in version 6.2.3 and 6.0.13. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the `STRALGO LCS` command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-29477", url: "https://www.suse.com/security/cve/CVE-2021-29477", }, { category: "external", summary: "SUSE Bug 1185729 for CVE-2021-29477", url: "https://bugzilla.suse.com/1185729", }, { category: "external", summary: "SUSE Bug 1186722 for CVE-2021-29477", url: "https://bugzilla.suse.com/1186722", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-29477", }, { cve: "CVE-2021-29478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-29478", }, ], notes: [ { category: "general", text: "Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution. Redis 6.0 and earlier are not directly affected by this issue. The problem is fixed in version 6.2.3. An additional workaround to mitigate the problem without patching the `redis-server` executable is to prevent users from modifying the `set-max-intset-entries` configuration parameter. This can be done using ACL to restrict unprivileged users from using the `CONFIG SET` command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-29478", url: "https://www.suse.com/security/cve/CVE-2021-29478", }, { category: "external", summary: "SUSE Bug 1185728 for CVE-2021-29478", url: "https://bugzilla.suse.com/1185728", }, { category: "external", summary: "SUSE Bug 1185730 for CVE-2021-29478", url: "https://bugzilla.suse.com/1185730", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-29478", }, { cve: "CVE-2021-32625", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-32625", }, ], notes: [ { category: "general", text: "Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The problem is fixed in version 6.2.4 and 6.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the STRALGO LCS command. On 64 bit systems which have the fixes of CVE-2021-29477 (6.2.3 or 6.0.13), it is sufficient to make sure that the proto-max-bulk-len config parameter is smaller than 2GB (default is 512MB).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-32625", url: "https://www.suse.com/security/cve/CVE-2021-32625", }, { category: "external", summary: "SUSE Bug 1186722 for CVE-2021-32625", url: "https://bugzilla.suse.com/1186722", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-32625", }, { cve: "CVE-2021-32761", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-32761", }, ], notes: [ { category: "general", text: "Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to integer overflow that can potentially be exploited to corrupt the heap, leak arbitrary heap contents or trigger remote code execution. The vulnerability involves changing the default `proto-max-bulk-len` configuration parameter to a very large value and constructing specially crafted commands bit commands. This problem only affects Redis on 32-bit platforms, or compiled as a 32-bit binary. Redis versions 5.0.`3m 6.0.15, and 6.2.5 contain patches for this issue. An additional workaround to mitigate the problem without patching the `redis-server` executable is to prevent users from modifying the `proto-max-bulk-len` configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-32761", url: "https://www.suse.com/security/cve/CVE-2021-32761", }, { category: "external", summary: "SUSE Bug 1188598 for CVE-2021-32761", url: "https://bugzilla.suse.com/1188598", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:redis-6.2.5-1.2.aarch64", "openSUSE Tumbleweed:redis-6.2.5-1.2.ppc64le", "openSUSE Tumbleweed:redis-6.2.5-1.2.s390x", "openSUSE Tumbleweed:redis-6.2.5-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-32761", }, ], }
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.