cve/CVE-2021-32672.md at 93476d6c370e261fdc1b2b03a08066de45e4892d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.

POC

Reference

https://www.oracle.com/security-alerts/cpuapr2022.html

Github

No PoCs found on GitHub currently.

866 B Raw Blame History Unescape Escape

CVE-2021-32672

Description

POC

Reference

Github

866 B

Raw Blame History