Описание
A flaw was found in the Hiredis library. This vulnerability allows a local attacker to cause a denial of service via crafted input data that triggers a heap buffer overflow during Redis command formatting.
Отчет
This CVE has been marked as Rejected by the assigning CNA.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | valkey | Not affected | ||
| Red Hat Enterprise Linux 8 | redis:6/redis | Not affected | ||
| Red Hat Enterprise Linux 9 | redis | Not affected | ||
| Red Hat Enterprise Linux 9 | redis:7/redis | Fix deferred | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-amd-rhel9 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-azure-amd-rhel9 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/instructlab-amd-rhel9 | Not affected |
Показывать по
Дополнительная информация
4 Medium
CVSS3
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Buffer Overflow in hiredis 1.2.0 allows a local attacker to cause a denial of service via the sdscatlen function.
4 Medium
CVSS3