Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command (specifically, a SET command). NOTE: this was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this.
{ "ubuntu_priority": "medium", "binaries": [ { "binary_name": "redis", "binary_version": "5:7.0.15-1build2" }, { "binary_name": "redis-sentinel", "binary_version": "5:7.0.15-1build2" }, { "binary_name": "redis-server", "binary_version": "5:7.0.15-1build2" }, { "binary_name": "redis-tools", "binary_version": "5:7.0.15-1build2" }, { "binary_name": "redis-tools-dbgsym", "binary_version": "5:7.0.15-1build2" } ], "availability": "No subscription required" }
{ "ubuntu_priority": "medium", "binaries": [ { "binary_name": "redis", "binary_version": "5:7.0.12-1" }, { "binary_name": "redis-sentinel", "binary_version": "5:7.0.12-1" }, { "binary_name": "redis-server", "binary_version": "5:7.0.12-1" }, { "binary_name": "redis-tools", "binary_version": "5:7.0.12-1" }, { "binary_name": "redis-tools-dbgsym", "binary_version": "5:7.0.12-1" } ], "availability": "No subscription required" }
{ "ubuntu_priority": "medium", "binaries": [ { "binary_name": "redis", "binary_version": "5:7.0.15-1build2" }, { "binary_name": "redis-sentinel", "binary_version": "5:7.0.15-1build2" }, { "binary_name": "redis-server", "binary_version": "5:7.0.15-1build2" }, { "binary_name": "redis-tools", "binary_version": "5:7.0.15-1build2" }, { "binary_name": "redis-tools-dbgsym", "binary_version": "5:7.0.15-1build2" } ], "availability": "No subscription required" }