Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1.
CPE | Name | Operator | Version |
---|---|---|---|
node-redis | eq | 0.3.7 | |
node-redis | eq | .2.4.0 | |
node-redis | eq | 3.0.0 | |
node-redis | eq | .2.4.2 | |
node-redis | eq | 0.5.11 | |
node-redis | eq | 0.5.1 | |
node-redis | eq | 0.8.5 | |
node-redis | eq | 0.9.0 | |
node-redis | eq | .2.5.3 | |
node-redis | eq | .2.7.0 |