Описание
Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | only 7.0.8 and newer |
| devel | not-affected | 5:7.0.15-1build2 |
| esm-apps/bionic | not-affected | only 7.0.8 and newer |
| esm-apps/focal | not-affected | only 7.0.8 and newer |
| esm-apps/jammy | not-affected | only 7.0.8 and newer |
| esm-apps/noble | not-affected | 5:7.0.12-1 |
| esm-apps/xenial | not-affected | only 7.0.8 and newer |
| esm-infra-legacy/trusty | not-affected | only 7.0.8 and newer |
| focal | not-affected | only 7.0.8 and newer |
| jammy | not-affected | only 7.0.8 and newer |
Показывать по
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10.
Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10.
Specially crafted MSETNX command can lead to denial-of-service
Redis is an in-memory database that persists on disk. Starting in vers ...
Уязвимость системы управления базами данных (СУБД) Redis, связанная с отсутствием мер по очистке входных данных, позволяющая нарушителю отправить специально созданную команду MSETNX, вызвать отказ в обслуживании, завершив процесс сервера Redis
EPSS
5.5 Medium
CVSS3