{"id":"CVE-2018-12326","details":"Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an untrusted source.","modified":"2026-04-11T12:27:25.174515Z","published":"2018-06-17T14:29:00.260Z","references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:0052"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:0094"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1860"},{"type":"ADVISORY","url":"https://gist.github.com/fakhrizulkifli/f831f40ec6cde4f744c552503d8698f0"},{"type":"FIX","url":"https://github.com/antirez/redis/commit/9fdcc15962f9ff4baebe6fdd947816f43f730d50"},{"type":"FIX","url":"https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES"},{"type":"FIX","url":"https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/44904/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/antirez/redis","events":[{"introduced":"0"},{"fixed":"9fdcc15962f9ff4baebe6fdd947816f43f730d50"}]},{"type":"GIT","repo":"https://github.com/redis/redis","events":[{"introduced":"0"},{"fixed":"556b2d2bee22d1307e696090c9be10fc10a47cd3"},{"introduced":"0"},{"last_affected":"2ee4a1c9806aab459d05e60751e07d86a4bebd78"},{"introduced":"0"},{"last_affected":"f7209749a632218e5a3fa3171f5711075573af8f"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.0.10"},{"introduced":"0"},{"last_affected":"5.0-rc1"},{"introduced":"0"},{"last_affected":"5.0-rc2"}]}}],"versions":["1.3.6","2.2-alpha0","2.2-alpha1","2.2-alpha2","2.2-alpha3","2.2-alpha4","2.2-alpha5","2.2-alpha6","2.2.0-rc1","2.3-alpha0","4.0-rc1","4.0-rc2","4.0-rc3","4.0.0","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.6","4.0.7","4.0.8","4.0.9","5.0-rc1","5.0-rc2","v1.3.10","v1.3.11","v1.3.7","v1.3.8","v1.3.9","v2.0.0-rc1","v2.1.1-watch","vm-playpen"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12326.json","vanir_signatures":[{"id":"CVE-2018-12326-0f5a0e11","target":{"file":"src/redis-cli.c","function":"cliRefreshPrompt"},"source":"https://github.com/antirez/redis/commit/9fdcc15962f9ff4baebe6fdd947816f43f730d50","deprecated":false,"signature_type":"Function","digest":{"function_hash":"146144452659066842643855273798132026598","length":537},"signature_version":"v1"},{"id":"CVE-2018-12326-9732fa61","target":{"file":"src/redis-cli.c"},"source":"https://github.com/antirez/redis/commit/9fdcc15962f9ff4baebe6fdd947816f43f730d50","deprecated":false,"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["146264985553595089145888339228984694289","113754568195038235696637820371386473616","224911718037559361398808131730777104524","134658735481029258007295347194332157557","21567913034220869488508823767117699260","296618262718945337247626838152582925210","82872893145819204693760210741615528741","178152789952146131277788812814427986525","35565501370380585105578981504713198831","185859955516836619073481433019209676413","141760063213812449782793380496342905096","249660733661301555995076314996295137465","215039319072738157660098692135707269863","41518852328670001634063818553895915199","124095596589395108240262028786891795258"]},"signature_version":"v1"}],"vanir_signatures_modified":"2026-04-11T12:27:25Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}