AVG-1909 log
| Package | redis |
| Status | Fixed |
| Severity | High |
| Type | arbitrary code execution |
| Affected | 6.2.2-1 |
| Fixed | 6.2.3-1 |
| Current | 7.2.5-1 [extra] |
| Ticket | None |
| Created | Tue May 4 09:48:29 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-29478 | High | Yes | Arbitrary code execution | An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution. Redis 6.0 and... |
| CVE-2021-29477 | High | Yes | Arbitrary code execution | An integer overflow bug in Redis version 6.0 or newer could be exploited using the "STRALGO LCS" command to corrupt the heap and potentially result with... |