MGASA-2015-0244

Source
https://advisories.mageia.org/MGASA-2015-0244.html
Import Source
https://advisories.mageia.org/MGASA-2015-0244.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2015-0244
Related
Published
2015-06-19T13:33:05Z
Modified
2015-07-09T07:56:53Z
Summary
Updated redis package fixes security vulnerability
Details

It was discovered that redis, a persistent key-value database, could execute insecure Lua bytecode by way of the EVAL command. This could allow remote attackers to break out of the Lua sandbox and execute arbitrary code (CVE-2015-4335).

References
Credits

Affected packages

Mageia:4 / redis

Package

Name
redis
Purl
pkg:rpm/mageia/redis?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.5-4.1.mga4

Ecosystem specific

{
    "section": "core"
}