Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4.3, and 4.5.3 were released (changing the behavior for pipeline operations); however, please see CVE-2023-28859 about addressing data leakage across AsyncIO connections in general.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
redis-py 安全漏洞
Vulnerability Description
redis-py是基于Python的redis接口库。 redis-py 4.5.3之前版本存在安全漏洞。攻击者利用该漏洞可以将响应数据发送到客户端。
CVSS Information
N/A
Vulnerability Type
N/A