KIMDONGYEON00
KIMDONGYEON00
### Summary A buffer overflow vulnerability exists in `isotp_send_single_frame` function that relies only on `assert()` for size validation, which is disabled in release builds. This is the same pattern that...
**Vulnerabilities Fixed** CVE-2022-22822 to CVE-2022-22827 Type: Integer Overflow vulnerabilities in various functions Severity: High (CVSS 9.8) Impact: Potential heap buffer overflow leading to arbitrary code execution Affected Functions: addBinding (CVE-2022-22822)...
### Summary - CVE-2024-31449 was found in Redis, and the same behavior is reproduced in Wireshark. - A Lua-bit stack overflow causes a crash. - According to the [Redis security...
### CVE-2024-31449 Affected component/file: `lua_bit.c` CVE-2024-31449 was found in Redis, and the same behavior is reproduced in Dragonfly. A Lua stack overflow causes a crash. According to the [Redis security...
## Vulnerabilities Fixed CVE-2022-22822 to CVE-2022-22827 Type: Integer Overflow vulnerabilities in various functions Severity: High (CVSS 9.8) Impact: Potential heap buffer overflow leading to arbitrary code execution Affected Functions: addBinding...
### Description Fixes [CVE-2024-45492](https://nvd.nist.gov/vuln/detail/cve-2024-45492) integer overflow vulnerability in bundled libexpat library's nextScaffoldPart function. Adds overflow check to prevent buffer overflow when parsing maliciously crafted XML data on 32-bit platforms. -...
### CVE-2025-29844 Redis versions 8.2.1 and below are vulnerable to remote code execution via a specially crafted Lua script that manipulates the garbage collector to trigger use-after-free. Fixed in version...
- Add code to prevent stack buffer overflow. - Closes #905.
**Crash report** This issue is related to #871: - CVE-2024-31449 was found in Redis, and the same behavior is reproduced in KeyDB. - A Lua stack overflow causes a crash....
### Summary Fixes CVE-2021-32765 integer overflow vulnerability in bundled hiredis library's createArrayObject function. Adds overflow check to prevent buffer overflow when parsing maliciously crafted Redis RESP multi-bulk data. [https://nvd.nist.gov/vuln/detail/CVE-2021-32765](https://nvd.nist.gov/vuln/detail/CVE-2021-32765) [https://github.com/redis/hiredis/commit/76a7b10005c70babee357a7d0f2becf28ec7ed1e](https://github.com/redis/hiredis/commit/76a7b10005c70babee357a7d0f2becf28ec7ed1e)...