CVE-2018-11219
published 2018-06-17CVE-2018-11219: An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading…
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | redis | < redis 5:4.0.10-1 (bookworm) | redis 5:4.0.10-1 (bookworm) |
| oracle | communications_operations_monitor | — | — |
| oracle | communications_operations_monitor | — | — |
| redhat | openstack | — | — |
| redhat | openstack | — | — |
| redis | redis | >= 0 < 5:4.0.10-1 | 5:4.0.10-1 |
| redis | redis | >= 0 < 5:4.0.10-1 | 5:4.0.10-1 |
| redis | redis | >= 0 < 5:4.0.10-1 | 5:4.0.10-1 |
| redis | redis | >= 0 < 5:4.0.10-1 | 5:4.0.10-1 |
| redislabs | redis | < 3.2.12 | 3.2.12 |
| redislabs | redis | — | — |
| redislabs | redis | >= 4.0 < 4.0.10 | 4.0.10 |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL