{"id":"CVE-2018-12453","details":"Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.","modified":"2026-04-11T06:58:44.881405Z","published":"2018-06-16T17:29:00.207Z","references":[{"type":"FIX","url":"https://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6"},{"type":"EVIDENCE","url":"https://gist.github.com/fakhrizulkifli/34a56d575030682f6c564553c53b82b5"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/44908/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/antirez/redis","events":[{"introduced":"0"},{"fixed":"c04082cf138f1f51cedf05ee9ad36fb6763cafc6"}]},{"type":"GIT","repo":"https://github.com/redis/redis","events":[{"introduced":"0"},{"fixed":"882ca6962f4ca32683b0e8db831de1b425c27d3c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.0"}]}}],"versions":["1.3.6","2.2-alpha0","2.2-alpha1","2.2-alpha2","2.2-alpha3","2.2-alpha4","2.2-alpha5","2.2-alpha6","2.2.0-rc1","2.3-alpha0","5.0-rc1","5.0-rc2","5.0-rc3","5.0-rc4","5.0-rc5","5.0-rc6","v1.3.10","v1.3.11","v1.3.7","v1.3.8","v1.3.9","v2.0.0-rc1","v2.1.1-watch","vm-playpen"],"database_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["88821234275320168961968514187630685631","281435290832301325108177236882433861922","54074213513891659342106385651594196101","206996336604169546884152820763479249022"]},"source":"https://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6","signature_type":"Line","id":"CVE-2018-12453-ba7af058","target":{"file":"src/t_stream.c"}},{"deprecated":false,"signature_version":"v1","digest":{"length":2401,"function_hash":"145192140110434690423245641463653914800"},"source":"https://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6","signature_type":"Function","id":"CVE-2018-12453-d2623208","target":{"file":"src/t_stream.c","function":"xgroupCommand"}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12453.json","vanir_signatures_modified":"2026-04-11T06:58:44Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}