RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.
References
Link | Resource |
---|---|
https://github.com/RedisGraph/RedisGraph/issues/1502 | Exploit Third Party Advisory |
https://github.com/RedisGraph/RedisGraph/pull/1503 | Patch Third Party Advisory |
Configurations
Information
Published : 2020-12-23 15:15
Updated : 2020-12-28 10:11
NVD link : CVE-2020-35668
Mitre link : CVE-2020-35668
JSON object : View
CWE
CWE-476
NULL Pointer Dereference
Products Affected
redislabs
- redisgraph