CVE-2023-41056

{"id": "CVE-2023-41056", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2024-01-10T16:15:46.557", "references": [{"url": "https://github.com/redis/redis/releases/tag/7.0.15", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://github.com/redis/redis/releases/tag/7.2.4", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/3JTGQJ2YLYB24B72I5B5H32YIMPVSWIT/", "tags": ["Mailing List", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/JTWHPLC3RI67VNRDOIXLDVNC5YMYBMQN/", "tags": ["Mailing List", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://security.netapp.com/advisory/ntap-20240223-0003/", "source": "[email protected]"}, {"url": "https://github.com/redis/redis/releases/tag/7.0.15", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/redis/redis/releases/tag/7.2.4", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/3JTGQJ2YLYB24B72I5B5H32YIMPVSWIT/", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/JTWHPLC3RI67VNRDOIXLDVNC5YMYBMQN/", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20240223-0003/", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-190"}, {"lang": "en", "value": "CWE-762"}]}], "descriptions": [{"lang": "en", "value": "Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4."}, {"lang": "es", "value": "Redis es una base de datos en memoria que persiste en el disco. Redis maneja incorrectamente el cambio de tama\u00f1o de los b\u00faferes de memoria, lo que puede provocar un desbordamiento de enteros que provoca un desbordamiento del mont\u00f3n y una posible ejecuci\u00f3n remota de c\u00f3digo. Este problema se solucion\u00f3 en las versiones 7.0.15 y 7.2.4."}], "lastModified": "2024-11-21T08:20:28.383", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "205F5134-0355-48E0-B2F4-7E14179654D3", "versionEndExcluding": "7.0.15", "versionStartIncluding": "7.0.9"}, {"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE0E44DA-5BAD-4EB8-82D8-93BB2D7D9CDE", "versionEndExcluding": "7.2.4", "versionStartIncluding": "7.2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}