Approved changes feed: RSS · Atom

cpe:2.3:a:redis:redis:7.4.0:*:*:*:*:*:*:*

part: a version: 7.4.0 update: *

VendorRedis (6c818399-7e28-57a6-8fa0-307b3f9a96f5)
ProductRedis (56983391-c965-509a-bb47-f44d8ba59efe)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:deb/debian/redis purl2cpe 2026-06-01 10:11:34.099916
pkg:deb/ubuntu/redis purl2cpe 2026-06-01 10:11:34.099918
pkg:docker/redis purl2cpe 2026-06-01 10:11:34.099920
pkg:github/redis/redis purl2cpe 2026-06-01 10:11:34.099921
pkg:rpm/centos/redis purl2cpe 2026-06-01 10:11:34.099923
pkg:rpm/opensuse/redis purl2cpe 2026-06-01 10:11:34.099925

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-31227 vulnerable 2026-06-08 06:35:31.130846 Denial-of-service due to malformed ACL selectors in Redis
MEDIUM (4.4)
Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Published: 2024-10-07T19:51:04.520Z
Updated: 2024-10-07T20:20:56.702Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.