安全公告:CVE-2024-31449, CVE-2024-31227, CVE-2024-31228
原文英文,约900词,阅读约需4分钟。发表于:。What happened? As part of an ongoing effort by the Redis Community and Redis to maintain Redis safety, security, and compliance posture, three security vulnerabilities in Redis have been published...
Redis社区和Redis公布了三个安全漏洞:Lua库命令漏洞(CVE-2024-31449)可能导致远程代码执行;无界模式匹配漏洞(CVE-2024-31228)和ACL选择器漏洞(CVE-2024-31227)可能导致拒绝服务。建议限制网络访问、加强身份验证、限制权限,并及时升级Redis版本。目前没有证据表明这些漏洞被利用。
