Denial Of Service (DoS)

2020-02-0308:25:46

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.003 Low

EPSS

Percentile

71.9%

JSON

hiredis is vulnerable to denial of service (DoS). The vulnerability exists due to multiple NULL pointer derefence issues in async.c and dict.c in libhiredis.a.

CPENameOperatorVersion
hirediseq0.11.0
hirediseq0.11.0

CPE	Name	Operator	Version
	hiredis	eq	0.11.0
	hiredis	eq	0.11.0

References

bugzilla.redhat.com/show_bug.cgi?id=1796474

github.com/redis/hiredis/commit/3e2ddf9cf72e7d5e19b096fbc03c411fdb9e92dc

github.com/redis/hiredis/issues/747

github.com/redis/hiredis/pull/752

lists.debian.org/debian-lts-announce/2020/01/msg00028.html

lists.fedoraproject.org/archives/list/[email protected]/message/76ZDGWBV3YEEQ2YC65ZJEQLKQFVFBZHX/

lists.fedoraproject.org/archives/list/[email protected]/message/ZKOTCIYFEWJJILUGL4JQ3CJAM3TWYZ2A/

0.003 Low

EPSS

Percentile

71.9%

JSON

Related for VERACODE:22441