6 matches found
CVE-2021-29469
Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...
Security Bulletin: A Vulnerability in Redis Node.js module affecting Watson Knowledge Catalog for IBM Cloud Pak for Data (CVE-2021-29469)
Summary Redis Node.js module is vulnerable to a DOS that is impacting Watson Knowledge Catalog for IBM Cloud Pak for Data. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-29469 DESCRIPTION: Node Redis redis module for Node.js is vulnerable to a denial of service, caus...
1-of (>=1.0.0 <=1.0.1), 3klesmanager-common (>=2.0.0 <=2.0.1) +5749 more potentially affected by CVE-2021-29469 via redis (>=2.6.1 <=3.1.0)
redis NPM version =2.6.1, =1.0.0, =2.0.0, =0.0.12, =0.0.12, =3.10.1, =1.0.0, =0.7.0, =1.0.0, =1.0.2, =1.2.1, =2.0.0, =1.0.0, =1.0.0, =2.1.8 and more Source cves: CVE-2021-29469 Source advisory: OSV:GHSA-35Q2-47Q7-3PC3...
CVE-2021-29469
Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...
CVE-2021-29469
Node-redis (Node.js Redis client) is vulnerable prior to version 3.1.1 due to a regex used to detect monitor messages that can backtrack exponentially, potentially causing a denial of service when a client is in monitoring mode. The issue is fixed in version 3.1.1. Affected context includes IBM a...
CVE-2021-29469 Potential exponential regex in monitor mode
Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...