Описание
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| redict | fixed | 7.3.5+ds-1 | package | |
| redis | fixed | 5:8.0.2-2 | package | |
| valkey | fixed | 8.1.1+dfsg1-3 | package |
Примечания
https://codeberg.org/redict/redict/issues/105
https://github.com/redis/redis/security/advisories/GHSA-4q32-c38c-pwgq
Fixed by: https://github.com/redis/redis/commit/bde62951accfc4bb0a516276fd0b4b307e140ce2 (8.0.3)
https://github.com/valkey-io/valkey/pull/2315
Fixed by: https://github.com/valkey-io/valkey/commit/cb10d9d78f35945b667e46967b3980e89954d73b
Связанные уязвимости
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19.
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19.
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19.
Уязвимость сервера системы управления базами данных (СУБД) Redis, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании