Msrc Cbl2 Redis 6.2.18-3 On Cbl Mariner 2.0 vulnerabilities

4 known vulnerabilities affecting msrc/cbl2_redis_6.2.18-3_on_cbl_mariner_2.0.

Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2025-49844CRITICALCVSS 9.9PoC2025-10-14
CVE-2025-49844 [CRITICAL] CWE-416 Redis Lua Use-After-Free may lead to remote code execution Redis Lua Use-After-Free may lead to remote code execution FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi
msrc
CVE-2025-46817HIGHCVSS 7.0PoC2025-10-14
CVE-2025-46817 [HIGH] CWE-190 Lua library commands may lead to integer overflow and potential RCE Lua library commands may lead to integer overflow and potential RCE FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc
msrc
CVE-2025-46819MEDIUMCVSS 6.3PoC2025-10-14
CVE-2025-46819 [MEDIUM] CWE-190 Redis is vulnerable to DoS via specially crafted LUA scripts Redis is vulnerable to DoS via specially crafted LUA scripts FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries
msrc
CVE-2025-21605HIGHCVSS 7.52025-04-08
CVE-2025-21605 [HIGH] CWE-770 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date w
msrc