CVE-2020-35668

Sažetak

RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.

Reference

https://github.com/RedisGraph/RedisGraph/issues/1502
https://github.com/RedisGraph/RedisGraph/pull/1503

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

28-12-2020 - 18:11

Objavljeno

23-12-2020 - 23:15