Vulnerability Bulletins |
DSA-3279 redis - security update |
|
System information |
|
| Affected software | Debian |
Description |
|
|
It was discovered that redis, a persistent key-value database, couldexecute insecure Lua bytecode by way of the EVAL command. This couldallow remote attackers to break out of the Lua sandbox and executearbitrary code. More info: https://www.debian.org/security/2015/dsa-3279 |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2015-4335 and DSA-3279. |
Version history |
||
| Version | Comments | Date |
| 1.0 | Advisory issued | 2015-06-08 |