Vulnerabilities > CVE-2023-31654 - Unspecified vulnerability in Redis Redisraft

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

redis

critical

NVD

Published: 2024-01-23

Updated: 2024-01-31

Summary

Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an ODR violation via the component hiredisAllocFns at /opt/fs/redisraft/deps/hiredis/alloc.c.

Vulnerable Configurations

Part	Description	Count
Application	Redis Redis Redisraft -	1

References

https://github.com/RedisLabs/redisraft/issues/600
https://seclists.org/fulldisclosure/2024/Jan/13