Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
redis-py 安全漏洞
Vulnerability Description
redis-py是基于Python的redis接口库。 redis-py 4.5.4之前版本和4.5.4之前的4.5.x版本存在安全漏洞。攻击者利用该漏洞向不相关请求的客户端发送响应数据。
CVSS Information
N/A
Vulnerability Type
N/A