VDB
BDU%3A2015-10357
BDU%3A2015-10357
PUBLISHED
CVSS 10 CRITICAL
Уязвимость системы управления базами данных Redis, позволяющая нарушителю выполнить произвольный Lua-байт-код
Risk Scores
CVSS 2.0
10
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pivotal Software Inc. | Redis |
Timeline
- Jul 7, 2016 CVE Published
- Mar 23, 2021 CVE Updated
- Mar 18, 2026 Distribution Patch
References
- http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/ url
- http://www.debian.org/security/2015/dsa-3279 url
- http://www.openwall.com/lists/oss-security/2015/06/04/12 url
- http://www.openwall.com/lists/oss-security/2015/06/04/8 url
- http://www.openwall.com/lists/oss-security/2015/06/05/3 url
- https://github.com/antirez/redis/commit/fdf9d455098f54f7666c702ae464e6ea21e25411 url
- https://groups.google.com/forum/#%21msg/redis-db/4Y6OqK8gEyk/Dg-5cejl-eUJ url