{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-46819", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-04-30T19:41:58.134Z", "datePublished": "2025-10-03T19:12:10.999Z", "dateUpdated": "2025-10-03T19:24:24.823Z"}, "containers": {"cna": {"title": "Redis is vulnerable to DoS via specially crafted LUA scripts", "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "lang": "en", "description": "CWE-190: Integer Overflow or Wraparound", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f"}, {"name": "https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba", "tags": ["x_refsource_MISC"], "url": "https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba"}, {"name": "https://github.com/redis/redis/releases/tag/8.2.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/redis/redis/releases/tag/8.2.2"}], "affected": [{"vendor": "redis", "product": "redis", "versions": [{"version": "< 8.2.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-10-03T19:12:10.999Z"}, "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families."}], "source": {"advisory": "GHSA-4c68-q8q8-3g4f", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-03T19:24:17.581618Z", "id": "CVE-2025-46819", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-03T19:24:24.823Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-46819", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-03T19:24:17.581618Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-03T19:24:21.071Z"}}], "cna": {"title": "Redis is vulnerable to DoS via specially crafted LUA scripts", "source": {"advisory": "GHSA-4c68-q8q8-3g4f", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "redis", "product": "redis", "versions": [{"status": "affected", "version": "< 8.2.2"}]}], "references": [{"url": "https://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f", "name": "https://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba", "name": "https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/redis/redis/releases/tag/8.2.2", "name": "https://github.com/redis/redis/releases/tag/8.2.2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-10-03T19:12:10.999Z"}}}, "cveMetadata": {"cveId": "CVE-2025-46819", "state": "PUBLISHED", "dateUpdated": "2025-10-03T19:24:24.823Z", "dateReserved": "2025-04-30T19:41:58.134Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-10-03T19:12:10.999Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "matchCriteriaId": "237372B8-181C-4ECA-97F8-C6EA984341BF", "versionEndExcluding": "8.2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families."}], "id": "CVE-2025-46819", "lastModified": "2025-10-10T16:31:30.803", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-10-03T19:15:43.490", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/redis/redis/releases/tag/8.2.2"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "security-advisories@github.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "Redis: Redis is vulnerable to DoS via specially crafted LUA scripts", "id": "2401322", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401322"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families.", "A vulnerability was found in Redis where an authenticated user to run a crafted Lua script that can read out\u2011of\u2011bounds memory or crash the server, leading to information disclosure and denial of service."], "mitigation": {"lang": "en:us", "value": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.\nTo reduce the risk, restricting network access to trusted hosts, enforcing strong authentication and protected-mode, disabling or limiting Lua scripting where possible can be be benificial and apply least-privilege ACLs to reduce who can run scripting commands, keep instances non-public with firewalls/VPCs, and follow Redis hardening guidance to minimize exposure."}, "name": "CVE-2025-46819", "public_date": "2025-10-03T19:12:10Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-46819\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-46819\nhttps://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba\nhttps://github.com/redis/redis/releases/tag/8.2.2\nhttps://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f"], "statement": "This is rated Moderate because exploitation requires an authenticated Redis account with permission to execute Lua (EVAL/FUNCTION), and the impact is limited to out\u2011of\u2011bounds reads and process crash (DoS) rather than code execution or privilege escalation. The attack surface is limited to environments where the attacker already possesses valid credentials and can invoke Lua (EVAL/FUNCTION), raising exploitation complexity and narrowing exposure compared to unauthenticated or privilege\u2011escalating flaws.\nThis flaw exists only in the Redis server implementation; \nRedis client libraries (Python, Node.js, Rust, etc.) are not affected by this vulnerability, and it only exists in the Redis server\u2019s embedded Lua engine where scripts execute. Client libraries merely transmit EVAL/EVALSHA to the server.", "threat_severity": "Moderate"}