VDB

ALPINE-CVE-2021-32672

ALPINE-CVE-2021-32672 PUBLISHED CVSS 4.300000190734863 MEDIUM

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.

Risk Scores

CVSS v3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products

VendorProductVersions
Alpine:v3.19redis6.2.4-r0, 6.2.3-r0, 6.2.2-r0
Alpine:v3.18redis2.4.14-r0, 3.0.4-r0, 2.4.14-r0
Alpine:v3.17redis6.0.5-r0, 0, 2.4.14-r0
Alpine:v3.12redis3.0.3-r0, 3.0.4-r0, 3.0.5-r0
Alpine:v3.16redis3.2.1-r0, 2.4.14-r0, 2.4.14-r1
Alpine:v3.15redis6.0.1-r0, 5.0.9-r0, 5.0.7-r0
Alpine:v3.14redis2.4.16-r0, 2.4.14-r0, 2.4.14-r1
Alpine:v3.13redis4.0.12-r0, 2.8.12-r0, 2.8.13-r0
Alpine:v3.11redis3.0.7-r0, 3.0.6-r0, 3.0.5-r1

Timeline

  • Oct 4, 2021 CVE Published
  • Nov 19, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›