Description
Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm.
References (6)
Core 6
Core References
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2013-0178
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0178
Mailing List, Patch, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2013/01/14/5
Mailing List, Patch, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2013/01/14/7
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/81329
Patch, Third Party Advisory x_refsource_misc
https://github.com/antirez/redis/commit/697af434fbeb2e3ba2ba9687cd283ed1a2734fa5
Scores
CVSS v3
5.5
EPSS
0.0014
EPSS Percentile
33.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (1)
redislabs/redis
< 2.6.0
Published
Nov 01, 2019
Tracked Since
Feb 18, 2026