dragonflydb/dragonfly

dragonflydb/dragonfly

www.dragonflydb.io

Releases210

Frequency1 week

Last Release 17 days ago

Stars30.6K

A modern replacement for Redis and Memcached

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-52935 ↗	Jun 23, 2025Monday, 23 June 2025, 10:15	—	—
Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly (src/redis/lua/struct modules). This vulnerability is associated with program files lua_struct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18.
CVE-2025-26269 ↗	Apr 17, 2025Thursday, 17 April 2025, 18:15	3.3 LOW	—
DragonflyDB Dragonfly through 1.28.2 (fixed in 1.29.0) allows authenticated users to cause a denial of service (daemon crash) via a Lua library command that references a large negative integer.
CVE-2025-26268 ↗	Apr 17, 2025Thursday, 17 April 2025, 18:15	3.3 LOW	—
DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. The validity of the scan cursor was not checked.