CVE-2025-46817

High CVSS: 7.0

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2.

Vendor

Redis

Product

Redis

CWE

CWE-190

Yayın Tarihi

2025-10-03 18:15:35

Güncelleme

2026-01-27 19:37:38

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-190 Redis HIGH Redis 2025

Referanslar

https://github.com/redis/redis/commit/fc9abc775e308374f667fdf3e723ef4b7eb0e3ca https://github.com/redis/redis/releases/tag/8.2.2 https://github.com/redis/redis/security/advisories/GHSA-m8fj-85cg-7vhp

Benzer Kayıtlar

High

CVE-2025-62507

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKD…

Critical

CVE-2025-49844

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user…

Medium

CVE-2025-46818

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user…

Medium

CVE-2025-46819

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user…

High

CVE-2025-48367

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP p…

High

CVE-2025-32023

Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19,…