Lucene search
RedHatRHSA-2017:3226HistoryNov 15, 2017 - 1:08 p.m.
(RHSA-2017:3226) Low: redis security update
2017-11-1513:08:20
access.redhat.com
8
0.001 Low
EPSS
Percentile
20.0%
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
Security Fix(es):
- A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access unauthorized system information. (CVE-2016-2121)
This issue was discovered by Honza Horak (Red Hat) and Remi Collet (Red Hat).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | redis | < 3.0.6-2.el7ost | redis-3.0.6-2.el7ost.x86_64.rpm |
| RedHat | 7 | x86_64 | redis-debuginfo | < 3.0.6-2.el7ost | redis-debuginfo-3.0.6-2.el7ost.x86_64.rpm |
Related
cvelist
cvelist
CVE-2016-2121
2018-10-31 13:00:00
debiancve
debiancve
CVE-2016-2121
2018-10-31 13:29:00
cve
cve
CVE-2016-2121
2018-10-31 13:29:00
veracode
veracode
Information Disclosure
2019-01-15 09:19:23
redhatcve
redhatcve
CVE-2016-2121
2019-10-06 08:49:05
ubuntucve
ubuntucve
CVE-2016-2121
2018-10-31 00:00:00
prion
prion
Information disclosure
2018-10-31 13:29:00
nvd
nvd
CVE-2016-2121
2018-10-31 13:29:00