Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an untrusted source.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Redis redis-cli 缓冲区错误漏洞
Vulnerability Description
Redis是美国Redis Labs公司赞助的一套开源的使用ANSI C编写、支持网络、可基于内存亦可持久化的日志型、键值(Key-Value)存储数据库,并提供多种语言的API。redis-cli是其中的一个命令行工具。 Redis 4.0.10之前版本和5.0 RC3之前的5.x版本中的redis-cli存在缓冲区溢出漏洞。攻击者可借助特制的命令行利用该漏洞执行代码并提升至更高的权限。
CVSS Information
N/A
Vulnerability Type
N/A