Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:32381
HistoryOct 05, 2021 - 12:06 p.m.

Denial Of Service (DoS)

2021-10-0512:06:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
25
redis
vulnerability
remote code execution
integer overflow
denial of service

EPSS

0.005

Percentile

77.4%

Redis is vulnerable to denial of service. An integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and client-query-buffer-limit configuration parameters to very large values and constructing specially crafted very large stream elements.