Описание
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 5:6.0.16-1 |
| esm-apps/bionic | released | 5:4.0.9-1ubuntu0.2+esm3 |
| esm-apps/focal | released | 5:5.0.7-2ubuntu0.1+esm1 |
| esm-apps/jammy | not-affected | 5:6.0.16-1 |
| esm-apps/noble | not-affected | 5:6.0.16-1 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
| focal | ignored | end of standard support, was needed |
| hirsute | ignored | end of life |
Показывать по
EPSS
4 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.
Redis is an open source, in-memory database that persists on disk. Whe ...
Уязвимость системы управления базами данных NoSQL Redis, связанная с чтением за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
4 Medium
CVSS2
5.3 Medium
CVSS3