Primary

Context

Swoole Swoole-Source Integer Overflow Vulnerability in Hiredis Module

Vulnerability

Patched

An integer overflow vulnerability has been identified in the Swoole Swoole-Source library, specifically within the Hiredis module, in versions prior to 6.0.2. This vulnerability arises in the 'sds.C' file, where inadequate safety measures during memory allocation can lead to heap corruption.

Impact

Exploitation of this vulnerability can cause heap corruption, potentially allowing for arbitrary code execution or other memory-related attacks.

Remediation

Users can upgrade to Swoole Swoole-Source version 6.0.2 or later to address this vulnerability.

Added: Jan 27, 2026, 9:25 AM

Updated: Jan 27, 2026, 3:27 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

7.5

exploitability

7.6

remediation

7.7

relevance

2.4

threat

0.0

urgency

10.0

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

7.5

exploitability

7.6

remediation

7.7

relevance

2.4

threat

0.0

urgency

10.0

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Swoole Swoole-Source Integer Overflow Vulnerability in Hiredis Module

Vulnerability

Impact

Remediation

Affected Products

swoole/swoole-src

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating