CVE-2013-0178

CWE-20Improper Input Validation6 documents6 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 65.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Redislabs RedisRedis Labs Redis
Timeline
PublishedNov 1
Latest updateMay 5

Description

Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDredislabs/redis< 2.6.0
Debianredis< 2:2.6.0-1+3
CVEListV5redis_labs/redisbefore 2.6

Patches

Patch: www.openwall.comPatch: www.openwall.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

3
GHSA
GHSA-299x-crmv-p4vf: Insecure temporary file vulnerability in Redis before 22022-05-05
CVEList
CVE-2013-0178: Insecure temporary file vulnerability in Redis before 22019-11-01
OSV
CVE-2013-0178: Insecure temporary file vulnerability in Redis before 22019-11-01

📋Vendor Advisories

1
Debian
CVE-2013-0178: redis - Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-...2013

💬Community

1
Bugzilla
CVE-2013-0178 redis 2.4: Insecure temporary flaw use for redis service's vm swap file2013-01-12