CVE-2021-3470
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-3470
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3470.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-3470
- Related
- Published
- 2021-03-31T14:15:20Z
- Modified
- 2024-09-03T03:51:35.965050Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use jemalloc or glibc malloc.
- References
Affected packages
Alpine:v3.12 / redis
Package
- Name
- redis
- Purl
- pkg:apk/alpine/redis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.0.11-r0
Affected versions
2.*
2.4.14-r0
2.4.14-r1
2.4.14-r2
2.4.16-r0
2.6.16-r0
2.6.17-r0
2.8.9-r0
2.8.9-r1
2.8.9-r2
2.8.10-r0
2.8.11-r0
2.8.12-r0
2.8.13-r0
2.8.14-r0
2.8.17-r0
2.8.19-r0
3.*
3.0.0-r0
3.0.0-r1
3.0.1-r0
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.0.5-r0
3.0.5-r1
3.0.6-r0
3.0.7-r0
3.0.7-r1
3.2.0-r0
3.2.1-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.7-r0
3.2.8-r0
3.2.9-r0
4.*
4.0.2-r0
4.0.2-r1
4.0.5-r0
4.0.6-r0
4.0.8-r0
4.0.9-r0
4.0.9-r1
4.0.9-r2
4.0.10-r0
4.0.10-r1
4.0.11-r0
4.0.12-r0
4.0.13-r0
5.*
5.0.4-r0
5.0.5-r0
5.0.7-r0
5.0.8-r0
5.0.9-r0
Alpine:v3.13 / redis
Package
- Name
- redis
- Purl
- pkg:apk/alpine/redis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.0.9-r0
Affected versions
2.*
2.4.14-r0
2.4.14-r1
2.4.14-r2
2.4.16-r0
2.6.16-r0
2.6.17-r0
2.8.9-r0
2.8.9-r1
2.8.9-r2
2.8.10-r0
2.8.11-r0
2.8.12-r0
2.8.13-r0
2.8.14-r0
2.8.17-r0
2.8.19-r0
3.*
3.0.0-r0
3.0.0-r1
3.0.1-r0
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.0.5-r0
3.0.5-r1
3.0.6-r0
3.0.7-r0
3.0.7-r1
3.2.0-r0
3.2.1-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.7-r0
3.2.8-r0
3.2.9-r0
4.*
4.0.2-r0
4.0.2-r1
4.0.5-r0
4.0.6-r0
4.0.8-r0
4.0.9-r0
4.0.9-r1
4.0.9-r2
4.0.10-r0
4.0.10-r1
4.0.11-r0
4.0.12-r0
4.0.13-r0
5.*
5.0.4-r0
5.0.5-r0
5.0.7-r0
5.0.8-r0
5.0.9-r0
6.*
6.0.1-r0
6.0.4-r0
6.0.5-r0
Alpine:v3.14 / redis
Package
- Name
- redis
- Purl
- pkg:apk/alpine/redis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.2.0-r0
Affected versions
2.*
2.4.14-r0
2.4.14-r1
2.4.14-r2
2.4.16-r0
2.6.16-r0
2.6.17-r0
2.8.9-r0
2.8.9-r1
2.8.9-r2
2.8.10-r0
2.8.11-r0
2.8.12-r0
2.8.13-r0
2.8.14-r0
2.8.17-r0
2.8.19-r0
3.*
3.0.0-r0
3.0.0-r1
3.0.1-r0
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.0.5-r0
3.0.5-r1
3.0.6-r0
3.0.7-r0
3.0.7-r1
3.2.0-r0
3.2.1-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.7-r0
3.2.8-r0
3.2.9-r0
4.*
4.0.2-r0
4.0.2-r1
4.0.5-r0
4.0.6-r0
4.0.8-r0
4.0.9-r0
4.0.9-r1
4.0.9-r2
4.0.10-r0
4.0.10-r1
4.0.11-r0
4.0.12-r0
4.0.13-r0
5.*
5.0.4-r0
5.0.5-r0
5.0.7-r0
5.0.8-r0
5.0.9-r0
6.*
6.0.1-r0
6.0.4-r0
6.0.5-r0
6.0.9-r0
6.0.10-r0
Alpine:v3.15 / redis
Package
- Name
- redis
- Purl
- pkg:apk/alpine/redis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.2.0-r0
Affected versions
2.*
2.4.14-r0
2.4.14-r1
2.4.14-r2
2.4.16-r0
2.6.16-r0
2.6.17-r0
2.8.9-r0
2.8.9-r1
2.8.9-r2
2.8.10-r0
2.8.11-r0
2.8.12-r0
2.8.13-r0
2.8.14-r0
2.8.17-r0
2.8.19-r0
3.*
3.0.0-r0
3.0.0-r1
3.0.1-r0
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.0.5-r0
3.0.5-r1
3.0.6-r0
3.0.7-r0
3.0.7-r1
3.2.0-r0
3.2.1-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.7-r0
3.2.8-r0
3.2.9-r0
4.*
4.0.2-r0
4.0.2-r1
4.0.5-r0
4.0.6-r0
4.0.8-r0
4.0.9-r0
4.0.9-r1
4.0.9-r2
4.0.10-r0
4.0.10-r1
4.0.11-r0
4.0.12-r0
4.0.13-r0
5.*
5.0.4-r0
5.0.5-r0
5.0.7-r0
5.0.8-r0
5.0.9-r0
6.*
6.0.1-r0
6.0.4-r0
6.0.5-r0
6.0.9-r0
6.0.10-r0
Alpine:v3.16 / redis
Package
- Name
- redis
- Purl
- pkg:apk/alpine/redis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.2.0-r0
Affected versions
2.*
2.4.14-r0
2.4.14-r1
2.4.14-r2
2.4.16-r0
2.6.16-r0
2.6.17-r0
2.8.9-r0
2.8.9-r1
2.8.9-r2
2.8.10-r0
2.8.11-r0
2.8.12-r0
2.8.13-r0
2.8.14-r0
2.8.17-r0
2.8.19-r0
3.*
3.0.0-r0
3.0.0-r1
3.0.1-r0
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.0.5-r0
3.0.5-r1
3.0.6-r0
3.0.7-r0
3.0.7-r1
3.2.0-r0
3.2.1-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.7-r0
3.2.8-r0
3.2.9-r0
4.*
4.0.2-r0
4.0.2-r1
4.0.5-r0
4.0.6-r0
4.0.8-r0
4.0.9-r0
4.0.9-r1
4.0.9-r2
4.0.10-r0
4.0.10-r1
4.0.11-r0
4.0.12-r0
4.0.13-r0
5.*
5.0.4-r0
5.0.5-r0
5.0.7-r0
5.0.8-r0
5.0.9-r0
6.*
6.0.1-r0
6.0.4-r0
6.0.5-r0
6.0.9-r0
6.0.10-r0
Alpine:v3.17 / redis
Package
- Name
- redis
- Purl
- pkg:apk/alpine/redis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.2.0-r0
Affected versions
2.*
2.4.14-r0
2.4.14-r1
2.4.14-r2
2.4.16-r0
2.6.16-r0
2.6.17-r0
2.8.9-r0
2.8.9-r1
2.8.9-r2
2.8.10-r0
2.8.11-r0
2.8.12-r0
2.8.13-r0
2.8.14-r0
2.8.17-r0
2.8.19-r0
3.*
3.0.0-r0
3.0.0-r1
3.0.1-r0
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.0.5-r0
3.0.5-r1
3.0.6-r0
3.0.7-r0
3.0.7-r1
3.2.0-r0
3.2.1-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.7-r0
3.2.8-r0
3.2.9-r0
4.*
4.0.2-r0
4.0.2-r1
4.0.5-r0
4.0.6-r0
4.0.8-r0
4.0.9-r0
4.0.9-r1
4.0.9-r2
4.0.10-r0
4.0.10-r1
4.0.11-r0
4.0.12-r0
4.0.13-r0
5.*
5.0.4-r0
5.0.5-r0
5.0.7-r0
5.0.8-r0
5.0.9-r0
6.*
6.0.1-r0
6.0.4-r0
6.0.5-r0
6.0.9-r0
6.0.10-r0
Alpine:v3.18 / redis
Package
- Name
- redis
- Purl
- pkg:apk/alpine/redis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.2.0-r0
Affected versions
2.*
2.4.14-r0
2.4.14-r1
2.4.14-r2
2.4.16-r0
2.6.16-r0
2.6.17-r0
2.8.9-r0
2.8.9-r1
2.8.9-r2
2.8.10-r0
2.8.11-r0
2.8.12-r0
2.8.13-r0
2.8.14-r0
2.8.17-r0
2.8.19-r0
3.*
3.0.0-r0
3.0.0-r1
3.0.1-r0
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.0.5-r0
3.0.5-r1
3.0.6-r0
3.0.7-r0
3.0.7-r1
3.2.0-r0
3.2.1-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.7-r0
3.2.8-r0
3.2.9-r0
4.*
4.0.2-r0
4.0.2-r1
4.0.5-r0
4.0.6-r0
4.0.8-r0
4.0.9-r0
4.0.9-r1
4.0.9-r2
4.0.10-r0
4.0.10-r1
4.0.11-r0
4.0.12-r0
4.0.13-r0
5.*
5.0.4-r0
5.0.5-r0
5.0.7-r0
5.0.8-r0
5.0.9-r0
6.*
6.0.1-r0
6.0.4-r0
6.0.5-r0
6.0.9-r0
6.0.10-r0
Alpine:v3.19 / redis
Package
- Name
- redis
- Purl
- pkg:apk/alpine/redis?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.2.0-r0
Affected versions
2.*
2.4.14-r0
2.4.14-r1
2.4.14-r2
2.4.16-r0
2.6.16-r0
2.6.17-r0
2.8.9-r0
2.8.9-r1
2.8.9-r2
2.8.10-r0
2.8.11-r0
2.8.12-r0
2.8.13-r0
2.8.14-r0
2.8.17-r0
2.8.19-r0
3.*
3.0.0-r0
3.0.0-r1
3.0.1-r0
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.0.5-r0
3.0.5-r1
3.0.6-r0
3.0.7-r0
3.0.7-r1
3.2.0-r0
3.2.1-r0
3.2.3-r0
3.2.4-r0
3.2.5-r0
3.2.7-r0
3.2.8-r0
3.2.9-r0
4.*
4.0.2-r0
4.0.2-r1
4.0.5-r0
4.0.6-r0
4.0.8-r0
4.0.9-r0
4.0.9-r1
4.0.9-r2
4.0.10-r0
4.0.10-r1
4.0.11-r0
4.0.12-r0
4.0.13-r0
5.*
5.0.4-r0
5.0.5-r0
5.0.7-r0
5.0.8-r0
5.0.9-r0
6.*
6.0.1-r0
6.0.4-r0
6.0.5-r0
6.0.9-r0
6.0.10-r0
Debian:11 / redis
Package
- Name
- redis
- Purl
- pkg:deb/debian/redis?arch=source
Debian:12 / redis
Package
- Name
- redis
- Purl
- pkg:deb/debian/redis?arch=source
Debian:13 / redis
Package
- Name
- redis
- Purl
- pkg:deb/debian/redis?arch=source
Git / github.com/antirez/redis
Affected ranges
- Type
- GIT
- Repo
- https://github.com/antirez/redis
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/redis/redis
- Events
Affected versions
1.*
1.3.6
2.*
2.2-alpha0
2.2-alpha1
2.2-alpha2
2.2-alpha3
2.2-alpha4
2.2-alpha5
2.2-alpha6
2.2.0-rc1
2.3-alpha0
3.*
3.0-alpha0
5.*
5.0-rc1
5.0-rc2
5.0-rc3
5.0-rc4
5.0-rc5
5.0-rc6
5.0.0
5.0.1
5.0.2
5.0.3
5.0.4
5.0.5
5.0.6
5.0.7
5.0.8
5.0.9
6.*
6.0.0
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.0.8
v1.*
v1.3.10
v1.3.11
v1.3.12
v1.3.7
v1.3.8
v1.3.9
v2.*
v2.0.0-rc1
v2.1.1-watch
Other
vm-playpen
with-deprecated-diskstore