Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2021-04-23T18:10:15
Updated: 2024-08-03T22:11:05.198Z
Reserved: 2021-03-30T00:00:00
Link: CVE-2021-29469
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-04-23T18:15:08.303
Modified: 2024-11-21T06:01:10.983
Link: CVE-2021-29469
Redhat
No data.