Back to bug 2182058
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Avinash Hanwate | 2023-03-27 12:38:05 UTC | CC | apevec, bdettelb, cwelton, davidn, eglynn, epacific, hhorak, jcammara, jhardy, jjoyce, jneedle, jobarker, jorton, lhh, mabashia, mburns, mgarciac, nathans, osapryki, rcollet, redis-maint, rhos-maint, simaishi, smcdonal, spower, teagle, yguenane, zsadeh | |
| Sandipan Roy | 2023-03-28 04:28:57 UTC | CC | hhorak, jorton, rcollet, redis-maint | |
| Vipul Nair | 2023-03-31 11:53:10 UTC | Depends On | 2183503 | |
| Red Hat Bugzilla | 2023-07-07 08:28:23 UTC | Assignee | security-response-team | nobody |
| Avinash Hanwate | 2023-07-11 06:06:30 UTC | CC | adudiak, kshier, stcannon, tfister | |
| Doc Text | Redis redis-py could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with leaving a connection open after canceling an async Redis command at an inopportune time. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. | |||
| Avinash Hanwate | 2023-07-11 06:08:01 UTC | Doc Text | Redis redis-py could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with leaving a connection open after canceling an async Redis command at an inopportune time. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. | Redis redis-py could allow a remote, authenticated attacker to obtain sensitive information, caused by a flaw with leaving a connection open after canceling an async Redis command at an inopportune time. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. |
| Avinash Hanwate | 2023-07-11 06:08:22 UTC | Depends On | 2221860 | |
| RaTasha Tillery-Smith | 2023-07-11 13:38:34 UTC | Doc Text | Redis redis-py could allow a remote, authenticated attacker to obtain sensitive information, caused by a flaw with leaving a connection open after canceling an async Redis command at an inopportune time. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. | A flaw was found in Redis redis-py. This flaw allows a remote, authenticated attacker to obtain sensitive information caused by an issue with leaving a connection open after canceling an async Redis command at an inopportune time. By sending a specially crafted request, an attacker can obtain sensitive information and use this information to launch further attacks against the affected system. |
Back to bug 2182058