Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2021-31294

Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command (specifically, a SET command). NOTE: this was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this.

  • Published: Jul 16, 2023
  • Updated: May 10, 2024
  • CVE: CVE-2021-31294
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.9
  • AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
redis / redis - 6.2.0