vulnerability

Redis: (CVE-2021-3470)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Mar 31, 2021	Apr 7, 2021	Mar 30, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Mar 31, 2021

Added

Apr 7, 2021

Modified

Mar 30, 2026

Description

A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use jemalloc or glibc malloc.

Solution

redislabs-redis-upgrade-latest

References

CVE-2021-3470
https://attackerkb.com/topics/CVE-2021-3470
CWE-119
CWE-787
EUVD-EUVD-2021-26792
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-26792

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today