{"id":"CVE-2019-10192","details":"A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure in versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis's interpretation of the dense HLL encoding into writing up to 3 bytes beyond the end of a heap-allocated buffer.","modified":"2026-02-21T07:26:26.362016Z","published":"2019-07-11T19:15:12.627Z","related":["MGASA-2019-0226"],"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/109290"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1819"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1860"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2002"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2506"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2508"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2621"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2630"},{"type":"ADVISORY","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10192"},{"type":"ADVISORY","url":"https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES"},{"type":"ADVISORY","url":"https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES"},{"type":"ADVISORY","url":"https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/Jul/19"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201908-04"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4061-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4480"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10192"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"type":"ARTICLE","url":"https://seclists.org/bugtraq/2019/Jul/19"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/redis/redis","events":[{"introduced":"05b81d2b02578d432329c87c93f975e582d14c0e"},{"fixed":"18572a921a8d17881c3de1fc71f56362d63010d9"},{"introduced":"1fab07e078f35e175b8b09db3955dd654ced82c2"},{"fixed":"990cd2c8357f2fa6629f55b75f88e76873ab8c97"},{"introduced":"882ca6962f4ca32683b0e8db831de1b425c27d3c"},{"fixed":"f72f4ea311d31f7ce209218a96afb97490971d39"}]}],"versions":["4.0.0","4.0.1","4.0.10","4.0.11","4.0.12","4.0.13","4.0.2","4.0.3","4.0.4","4.0.5","4.0.6","4.0.7","4.0.8","4.0.9","5.0.0","5.0.1","5.0.2","5.0.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10192.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}]}