MGASA-2015-0244

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0244.html

Import Source

https://advisories.mageia.org/MGASA-2015-0244.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2015-0244

Related

CVE-2015-4335

Published

2015-06-19T13:33:05Z

Modified

2015-07-09T07:56:53Z

Summary

Updated redis package fixes security vulnerability

Details

It was discovered that redis, a persistent key-value database, could execute insecure Lua bytecode by way of the EVAL command. This could allow remote attackers to break out of the Lua sandbox and execute arbitrary code (CVE-2015-4335).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / redis

Package

Name: redis
Purl: pkg:rpm/mageia/redis?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.5-4.1.mga4

Ecosystem specific

{
    "section": "core"
}