Описание
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.
Ссылки
- Patch
- Release Notes
- Release Notes
- Release Notes
- Vendor Advisory
- Patch
- Release Notes
- Release Notes
- Release Notes
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.5 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.
Integer Overflow in several Redis commands can lead to denial of service.
Redis is an in-memory database that persists on disk. Authenticated us ...
EPSS
5.5 Medium
CVSS3
6.5 Medium
CVSS3