{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "9" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "10" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "13" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "14" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "10.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "16.04" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "18.04" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "19.04" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "3.4" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.1" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "3.0.0" }, { "fixed": "3.2.13" }, { "introduced": "4.0.0" }, { "fixed": "4.0.14" }, { "introduced": "5.0" }, { "fixed": "5.0.4" }, { "introduced": "0" }, { "last_affected": "8.0" }, { "introduced": "0" }, { "last_affected": "8.2" }, { "introduced": "0" }, { "last_affected": "8.4" }, { "introduced": "0" }, { "last_affected": "8.2" }, { "introduced": "0" }, { "last_affected": "8.4" }, { "introduced": "0" }, { "last_affected": "8.2" }, { "introduced": "0" }, { "last_affected": "8.4" } ] }, "events": [ { "introduced": "1fab07e078f35e175b8b09db3955dd654ced82c2" }, { "fixed": "990cd2c8357f2fa6629f55b75f88e76873ab8c97" }, { "introduced": "05b81d2b02578d432329c87c93f975e582d14c0e" }, { "fixed": "18572a921a8d17881c3de1fc71f56362d63010d9" }, { "introduced": "882ca6962f4ca32683b0e8db831de1b425c27d3c" }, { "fixed": "f72f4ea311d31f7ce209218a96afb97490971d39" }, { "introduced": "0" }, { "last_affected": "e91a340e241cf0abe3c6a0c254214fbe4aa1d95f" }, { "introduced": "0" }, { "last_affected": "c4795ea17bed73a8dccd7b6d46d67960a411d4f1" }, { "introduced": "0" }, { "last_affected": "0a6eacff1fb6184b5e026c8b3c45b785832fac37" }, { "introduced": "0" }, { "last_affected": "c4795ea17bed73a8dccd7b6d46d67960a411d4f1" }, { "introduced": "0" }, { "last_affected": "0a6eacff1fb6184b5e026c8b3c45b785832fac37" }, { "introduced": "0" }, { "last_affected": "c4795ea17bed73a8dccd7b6d46d67960a411d4f1" }, { "introduced": "0" }, { "last_affected": "0a6eacff1fb6184b5e026c8b3c45b785832fac37" } ], "repo": "https://github.com/redis/redis", "type": "GIT" } ] } ], "details": "A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.", "id": "CVE-2019-10193", "modified": "2026-04-01T23:07:56.890373757Z", "published": "2019-07-11T19:15:12.720Z", "references": [ { "type": "ADVISORY", "url": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES" }, { "type": "ADVISORY", "url": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES" }, { "type": "ADVISORY", "url": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES" }, { "type": "ADVISORY", "url": "https://seclists.org/bugtraq/2019/Jul/19" }, { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/109290" }, { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2019:1819" }, { "type": "ADVISORY", "url": "https://security.gentoo.org/glsa/201908-04" }, { "type": "ADVISORY", "url": "https://usn.ubuntu.com/4061-1/" }, { "type": "ADVISORY", "url": "https://www.debian.org/security/2019/dsa-4480" }, { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2019:2002" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10193" }, { "type": "FIX", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }