VYPR

npm package

redis

pkg:npm/redis

Vulnerabilities (1)

  • CVE-2021-29469Apr 23, 2021
    affected >= 2.6.0, < 3.1.1fixed 3.1.1

    Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3