Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-35977

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.461
EPSS Ranking 97.5%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2022-35977
  • Redis » Redis » Version: 6.0.0
    cpe:2.3:a:redis:redis:6.0.0
  • Redis » Redis » Version: 6.0.1
    cpe:2.3:a:redis:redis:6.0.1
  • Redis » Redis » Version: 6.0.10
    cpe:2.3:a:redis:redis:6.0.10
  • Redis » Redis » Version: 6.0.11
    cpe:2.3:a:redis:redis:6.0.11
  • Redis » Redis » Version: 6.0.12
    cpe:2.3:a:redis:redis:6.0.12
  • Redis » Redis » Version: 6.0.13
    cpe:2.3:a:redis:redis:6.0.13
  • Redis » Redis » Version: 6.0.14
    cpe:2.3:a:redis:redis:6.0.14
  • Redis » Redis » Version: 6.0.15
    cpe:2.3:a:redis:redis:6.0.15
  • Redis » Redis » Version: 6.0.16
    cpe:2.3:a:redis:redis:6.0.16
  • Redis » Redis » Version: 6.0.2
    cpe:2.3:a:redis:redis:6.0.2
  • Redis » Redis » Version: 6.0.3
    cpe:2.3:a:redis:redis:6.0.3
  • Redis » Redis » Version: 6.0.4
    cpe:2.3:a:redis:redis:6.0.4
  • Redis » Redis » Version: 6.0.5
    cpe:2.3:a:redis:redis:6.0.5
  • Redis » Redis » Version: 6.0.6
    cpe:2.3:a:redis:redis:6.0.6
  • Redis » Redis » Version: 6.0.7
    cpe:2.3:a:redis:redis:6.0.7
  • Redis » Redis » Version: 6.0.8
    cpe:2.3:a:redis:redis:6.0.8
  • Redis » Redis » Version: 6.0.9
    cpe:2.3:a:redis:redis:6.0.9
  • Redis » Redis » Version: 6.2.0
    cpe:2.3:a:redis:redis:6.2.0
  • Redis » Redis » Version: 6.2.1
    cpe:2.3:a:redis:redis:6.2.1
  • Redis » Redis » Version: 6.2.2
    cpe:2.3:a:redis:redis:6.2.2
  • Redis » Redis » Version: 6.2.3
    cpe:2.3:a:redis:redis:6.2.3
  • Redis » Redis » Version: 6.2.4
    cpe:2.3:a:redis:redis:6.2.4
  • Redis » Redis » Version: 6.2.5
    cpe:2.3:a:redis:redis:6.2.5
  • Redis » Redis » Version: 6.2.6
    cpe:2.3:a:redis:redis:6.2.6
  • Redis » Redis » Version: 6.2.7
    cpe:2.3:a:redis:redis:6.2.7
  • Redis » Redis » Version: 6.2.8
    cpe:2.3:a:redis:redis:6.2.8
  • Redis » Redis » Version: 7.0.0
    cpe:2.3:a:redis:redis:7.0.0
  • Redis » Redis » Version: 7.0.1
    cpe:2.3:a:redis:redis:7.0.1
  • Redis » Redis » Version: 7.0.2
    cpe:2.3:a:redis:redis:7.0.2
  • Redis » Redis » Version: 7.0.3
    cpe:2.3:a:redis:redis:7.0.3
  • Redis » Redis » Version: 7.0.4
    cpe:2.3:a:redis:redis:7.0.4
  • Redis » Redis » Version: 7.0.5
    cpe:2.3:a:redis:redis:7.0.5
  • Redis » Redis » Version: 7.0.6
    cpe:2.3:a:redis:redis:7.0.6
  • Redis » Redis » Version: 7.0.7
    cpe:2.3:a:redis:redis:7.0.7


Products
Pricing
Contact Us

Shodan ® - All rights reserved