Skip to main content

Redis Py

2 CVEs product

Monthly

CVE-2023-28859 PyPI MEDIUM PATCH This Month

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Redis Redis Py
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-28858 PyPI LOW PATCH Monitor

redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Redis Redis Py
NVD GitHub
CVSS 3.1
3.7
EPSS
1.0%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Redis Redis Py
NVD GitHub
EPSS 1% CVSS 3.7
LOW PATCH Monitor

redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Redis Redis Py
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy