Описание
Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10.
Ссылки
- Patch
- Release Notes
- Vendor Advisory
- Patch
- Release Notes
- Vendor Advisory
Уязвимые конфигурации
EPSS
5.5 Medium
CVSS3
Дефекты
Связанные уязвимости
Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10.
Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10.
Specially crafted MSETNX command can lead to denial-of-service
Redis is an in-memory database that persists on disk. Starting in vers ...
Уязвимость системы управления базами данных (СУБД) Redis, связанная с отсутствием мер по очистке входных данных, позволяющая нарушителю отправить специально созданную команду MSETNX, вызвать отказ в обслуживании, завершив процесс сервера Redis
EPSS
5.5 Medium
CVSS3