Vulnerability in the Redis DBMS potentially allowing code execution

A corrective release of the Redis DBMS, 7.0.5, has been published. It fixes a vulnerability (CVE-2022-35951) that could potentially allow an attacker to execute their code with the privileges of the Redis process. The issue affects only the 7.x branch, and carrying out the attack requires the ability to execute queries.

The vulnerability is caused by an integer overflow that occurs when an incorrect value is specified for the "COUNT" parameter of the "XAUTOCLAIM" command. When stream keys are used in the command, under certain conditions the integer overflow can be used to write to a region beyond the allocated heap memory.
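The class of defect described above, shown from the defensive side as an added example: it is not Redis source code, and the helper names, the multiplier of 10 and the 16-byte element size are assumptions chosen for illustration. A client-supplied count is bounded before it is scaled, and the array size is computed with an explicit overflow check.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: parse a client-supplied COUNT-style argument.
 * The value is later multiplied by `factor`, so the upper bound is
 * LONG_MAX / factor rather than LONG_MAX. Returns the count, or -1. */
long parse_count(const char *arg, long factor) {
    char *end = NULL;
    errno = 0;
    long v = strtol(arg, &end, 10);
    if (errno == ERANGE || end == arg || *end != '\0') return -1;
    if (factor < 1 || v < 1 || v > LONG_MAX / factor) return -1;
    return v;
}

/* Hypothetical helper: byte size of an array of `count` elements.
 * Returns 0 when count * elem_size would not fit in size_t. */
size_t checked_array_bytes(long count, size_t elem_size) {
    if (count < 1 || elem_size == 0) return 0;
    if ((uintmax_t)count > SIZE_MAX / elem_size) return 0;
    return (size_t)count * elem_size;
}

int main(void) {
    /* Constructed sample arguments, not taken from any real traffic. */
    const char *samples[] = { "100", "0", "-5", "12abc",
                              "9223372036854775807" };
    const long factor = 10;   /* assumed per-item work multiplier */
    const size_t elem = 16;   /* assumed element size in bytes */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        long c = parse_count(samples[i], factor);
        if (c < 0) { printf("%-20s rejected\n", samples[i]); continue; }
        /* Safe: c <= LONG_MAX / factor, so c * factor cannot wrap. */
        printf("%-20s count=%ld scaled=%ld bytes=%zu\n", samples[i],
               c, c * factor, checked_array_bytes(c, elem));
    }
    return 0;
}
```

Without the `LONG_MAX / factor` bound, the signed multiplication would overflow for large counts, and any buffer or loop limit derived from the result would no longer match the amount of data written.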

source: budenet.ru
