CVE-2021-29469 in Node-redisالمعلومات

الملخص

بحسب MITRE • 24/04/2021

Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

GitHub, Inc.

حجز

30/03/2021

إفشاء

24/04/2021

الاعتدال

تمت الموافقة

إدخال

VDB-173850

CPE

جاهز

CWE

CWE-400 (مؤكد)

CVSS

3.1 (VulDB)

EPSS

0.00926

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2021-29469
NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-29469
CVE Details	https://www.cvedetails.com/cve/CVE-2021-29469/

التالي ▸نظرة عامة ◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!