AVG-1909 log

Package redis
Status Fixed
Severity High
Type arbitrary code execution
Affected 6.2.2-1
Fixed 6.2.3-1
Current 6.2.6-1 [community]
Ticket None
Created Tue May 4 09:48:29 2021
Issue Severity Remote Type Description
CVE-2021-29478 High Yes Arbitrary code execution
An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution. Redis 6.0 and...
CVE-2021-29477 High Yes Arbitrary code execution
An integer overflow bug in Redis version 6.0 or newer could be exploited using the "STRALGO LCS" command to corrupt the heap and potentially result with...