Ukukhishwa okulungisayo kwe-Redis DBMS 7.0.5 kushicilelwe, okususa ukuba sengozini (CVE-2022-35951) okungase kuvumele umhlaseli ukuthi asebenzise ikhodi yakhe ngamalungelo enqubo ye-Redis. Inkinga ithinta kuphela igatsha le-7.x futhi idinga ukufinyelela ukuze ikhiphe imibuzo ukuze iqhube ukuhlasela.
Ukuba sengozini kubangelwa ukuchichima okuphelele okwenzeka lapho inani elingalungile lishiwo kupharamitha ethi "COUNT" kumyalo we-"XAUTOCLAIM". Uma usebenzisa okhiye bokusakaza kumyalo, esimweni esithile, ukuchichima okuphelele kungase kusetshenziselwe ukubhala endaweni engaphezu kwenqwaba yememori eyabiwe.
Source: opennet.ru