CVE-2024-51737 | RedisSearch up to 2.0 on Redis Redis Module FT.SEARCH/FT.AGGREGATE LIMIT/KNN heap-based overflow

Inserito da Angelo Barbosa | Gen 8, 2025 | CVE

A vulnerability, which was classified as critical, has been found in RedisSearch up to 2.0 on Redis. This issue affects the function FT.SEARCH/FT.AGGREGATE of the component Redis Module. The manipulation of the argument LIMIT/KNN leads to heap-based buffer overflow.

The identification of this vulnerability is CVE-2024-51737. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-51737 | RedisSearch up to 2.0 on Redis Redis Module FT.SEARCH/FT.AGGREGATE LIMIT/KNN heap-based overflow

Post correlati

CVE-2024-25092 | NextMove Lite Plugin up to 2.17.0 on WordPress Activation authorization

CVE-2024-20376 | Cisco IP Phone 6800/IP Phone 7800/IP Phone 8800 up to 12.0.4 Web-based Management Interface out-of-bounds write (cisco-sa-ipphone-multi-vulns-cXAhCvS)

CVE-2024-27929 | SixLabors ImageSharp up to 3.1.2 PNG Image PngDecoderCore.cs InitializeImage use after free

CVE-2024-52277 | DocuSeal up to 1.8.1 clickjacking