{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-31228", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-03-29T14:16:31.902Z", "datePublished": "2024-10-07T19:51:06.784Z", "dateUpdated": "2024-10-07T20:20:24.001Z"}, "containers": {"cna": {"title": "Denial-of-service due to unbounded pattern matching in Redis", "problemTypes": [{"descriptions": [{"cweId": "CWE-674", "lang": "en", "description": "CWE-674: Uncontrolled Recursion", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976"}, {"name": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0", "tags": ["x_refsource_MISC"], "url": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0"}], "affected": [{"vendor": "redis", "product": "redis", "versions": [{"version": ">= 2.2.5, < 6.2.16", "status": "affected"}, {"version": ">= 7.0.0, < 7.2.6", "status": "affected"}, {"version": ">= 7.3.0, < 7.4.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-10-07T19:51:06.784Z"}, "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-66gq-c942-6976", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-07T20:20:14.689611Z", "id": "CVE-2024-31228", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-07T20:20:24.001Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-31228", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-07T20:20:14.689611Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-07T20:20:19.710Z"}}], "cna": {"title": "Denial-of-service due to unbounded pattern matching in Redis", "source": {"advisory": "GHSA-66gq-c942-6976", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "redis", "product": "redis", "versions": [{"status": "affected", "version": ">= 2.2.5, < 6.2.16"}, {"status": "affected", "version": ">= 7.0.0, < 7.2.6"}, {"status": "affected", "version": ">= 7.3.0, < 7.4.1"}]}], "references": [{"url": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976", "name": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0", "name": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-674", "description": "CWE-674: Uncontrolled Recursion"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-10-07T19:51:06.784Z"}}}, "cveMetadata": {"cveId": "CVE-2024-31228", "state": "PUBLISHED", "dateUpdated": "2024-10-07T20:20:24.001Z", "dateReserved": "2024-03-29T14:16:31.902Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-10-07T19:51:06.784Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "matchCriteriaId": "E164B843-88D9-4962-ABDF-DCB38EDF35F6", "versionEndExcluding": "6.2.16", "versionStartIncluding": "2.2.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F8A45E4-57CF-4B05-B188-A75BBDF37822", "versionEndExcluding": "7.2.6", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redis:redis:7.4.0:-:*:*:*:*:*:*", "matchCriteriaId": "4C484C7C-4C3B-45F6-8DF5-84CFE5FF2717", "vulnerable": true}, {"criteria": "cpe:2.3:a:redis:redis:7.4.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "14EE168F-747A-43EE-84B8-14C332A7F1CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redis:redis:7.4.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "C983360E-DC98-4C5A-A088-7DCE273595A1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "Redis es una base de datos de c\u00f3digo abierto en memoria que persiste en el disco. Los usuarios autenticados pueden desencadenar una denegaci\u00f3n de servicio mediante el uso de patrones de coincidencia de cadenas largas especialmente manipulados en comandos compatibles, como `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` y definiciones de ACL. La coincidencia de patrones extremadamente largos puede provocar una recursi\u00f3n sin l\u00edmites, lo que lleva a un desbordamiento de pila y un bloqueo del proceso. Este problema se ha solucionado en las versiones 6.2.16, 7.2.6 y 7.4.1 de Redis. Se recomienda a los usuarios que actualicen la versi\u00f3n. No existen workarounds conocidas para esta vulnerabilidad."}], "id": "CVE-2024-31228", "lastModified": "2025-09-04T19:10:33.273", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-10-07T20:15:05.277", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-674"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2025:1249", "cpe": "cpe:/o:redhat:discovery:1.0::el9", "package": "discovery/discovery-server-rhel9:1.12.0-1", "product_name": "Discovery 1 for RHEL 9", "release_date": "2025-02-10T00:00:00Z"}, {"advisory": "RHSA-2025:1249", "cpe": "cpe:/o:redhat:discovery:1.0::el9", "package": "discovery/discovery-ui-rhel9:1.12.0-1", "product_name": "Discovery 1 for RHEL 9", "release_date": "2025-02-10T00:00:00Z"}, {"advisory": "RHSA-2025:0595", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "redis:6-8100020250113083959.489197e6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-01-22T00:00:00Z"}, {"advisory": "RHSA-2024:10869", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "redis:7-9050020241104103753.9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-12-05T00:00:00Z"}, {"advisory": "RHSA-2025:0693", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "redis-0:6.2.17-1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-01-27T00:00:00Z"}], "bugzilla": {"description": "redis: Denial-of-service due to unbounded pattern matching in Redis", "id": "2317058", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317058"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-674", "details": ["Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "A flaw was found in Redis. This flaw allows authenticated users to trigger a denial of service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-31228", "package_state": [{"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Will not fix", "package_name": "3scale-amp-system-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}], "public_date": "2024-10-07T19:51:06Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-31228\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-31228\nhttps://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0\nhttps://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976"], "threat_severity": "Moderate"}