Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. This problem affects versions on the 7.x branch prior to 7.0.4. The patch is released in version 7.0.4.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-07-19T20:15:13
Updated: 2024-08-03T07:11:39.659Z
Reserved: 2022-05-18T00:00:00
Link: CVE-2022-31144
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-07-19T21:15:15.087
Modified: 2024-11-21T07:03:59.330
Link: CVE-2022-31144
Redhat