In a recent update of the DBMS Redis, two vulnerabilities have been identified and addressed. The vulnerabilities, found in Redis version 7.0.15 and XR47-PCMX-FQ2M, could potentially lead to remote execution of malicious code due to data being recorded outside the designated buffer. Notably, the issue originated with Redis version 7.0.9 and was caused by incorrect parameter calculations in the SDSIS function ZE during a request for size changes.
/Reports, release notes, official announcements.