pysec-2022-43162
Vulnerability from pysec
Published
2022-06-23 17:15
Modified
2024-12-23 11:33
Severity ?
Details
Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID.
Impacted products
| Name | purl |
|---|---|
| redis | pkg:pypi/redis |
Aliases
{ affected: [ { package: { ecosystem: "PyPI", name: "redis", purl: "pkg:pypi/redis", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "4a7a4e42db8ff757cdf3f4a824f66426036034ef", }, ], repo: "https://github.com/redis/redis", type: "GIT", }, { events: [ { introduced: "0", }, ], type: "ECOSYSTEM", }, ], versions: [ "0.6.0", "0.6.1", "1.34", "1.34.1", "2.0.0", "2.10.0", "2.10.1", "2.10.2", "2.10.3", "2.10.5", "2.10.6", "2.2.0", "2.2.2", "2.2.4", "2.4.0", "2.4.1", "2.4.10", "2.4.11", "2.4.12", "2.4.13", "2.4.2", "2.4.3", "2.4.4", "2.4.5", "2.4.6", "2.4.7", "2.4.8", "2.4.9", "2.6.0", "2.6.1", "2.6.2", "2.7.0", "2.7.1", "2.7.2", "2.7.3", "2.7.4", "2.7.5", "2.7.6", "2.8.0", "2.9.0", "2.9.1", "3.0.0", "3.0.0.post1", "3.0.1", "3.1.0", "3.2.0", "3.2.1", "3.3.0", "3.3.1", "3.3.10", "3.3.11", "3.3.2", "3.3.3", "3.3.4", "3.3.5", "3.3.6", "3.3.7", "3.3.8", "3.3.9", "3.4.0", "3.4.1", "3.5.0", "3.5.1", "3.5.2", "3.5.3", "4.0.0", "4.0.0b1", "4.0.0b2", "4.0.0b3", "4.0.0rc1", "4.0.0rc2", "4.0.1", "4.0.2", "4.1.0", "4.1.0rc1", "4.1.0rc2", "4.1.1", "4.1.2", "4.1.3", "4.1.4", "4.2.0", "4.2.0rc1", "4.2.0rc2", "4.2.0rc3", "4.2.1", "4.2.2", "4.3.0", "4.3.1", "4.3.2", "4.3.3", "4.3.4", "4.3.5", "4.3.6", "4.4.0", "4.4.0rc1", "4.4.0rc2", "4.4.0rc3", "4.4.0rc4", "4.4.1", "4.4.2", "4.4.3", "4.4.4", "4.5.0", "4.5.1", "4.5.2", "4.5.3", "4.5.4", "4.5.5", "4.6.0", "5.0.0", "5.0.0b1", "5.0.0b2", "5.0.0b3", "5.0.0b4", "5.0.0rc1", "5.0.0rc2", "5.0.1", "5.0.2", "5.0.3", "5.0.4", "5.0.5", "5.0.6", "5.0.7", "5.0.8", "5.1.0", "5.1.0a1", "5.1.0b1", "5.1.0b2", "5.1.0b3", "5.1.0b4", "5.1.0b5", "5.1.0b6", "5.1.0b7", "5.1.1", "5.2.0", "5.2.1", "5.3.0b1", "5.3.0b3", "5.3.0b4", ], }, ], aliases: [ "CVE-2022-33105", ], details: "Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID.", id: "PYSEC-2022-43162", modified: "2024-12-23T11:33:23.546447Z", published: "2022-06-23T17:15:00Z", references: [ { type: "EVIDENCE", url: "https://github.com/redis/redis/pull/10829", }, { type: "REPORT", url: "https://github.com/redis/redis/pull/10829", }, { type: "WEB", url: "https://github.com/redis/redis/pull/10829", }, { type: "FIX", url: "https://github.com/redis/redis/commit/4a7a4e42db8ff757cdf3f4a824f66426036034ef", }, { type: "EVIDENCE", url: "https://github.com/redis/redis/pull/10753", }, { type: "REPORT", url: "https://github.com/redis/redis/pull/10753", }, { type: "FIX", url: "https://github.com/redis/redis/pull/10753", }, { type: "WEB", url: "https://github.com/redis/redis/pull/10753", }, { type: "WEB", url: "https://raw.githubusercontent.com/redis/redis/7.0.1/00-RELEASENOTES", }, { type: "ADVISORY", url: "https://security.netapp.com/advisory/ntap-20220729-0005/", }, { type: "ADVISORY", url: "https://security.gentoo.org/glsa/202209-17", }, ], severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], withdrawn: "2024-11-22T04:37:05Z", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.