{"url":"http://public2.vulnerablecode.io/api/packages/34987?format=json","purl":"pkg:pypi/redis@6.2.0","type":"pypi","namespace":"","name":"redis","version":"6.2.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36491?format=json","vulnerability_id":"VCID-djsy-vdqj-jqca","summary":"Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command (specifically, a SET command). NOTE: this was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this.","references":[{"reference_url":"https://github.com/redis/redis/commit/46f4ebbe842620f0976a36741a72482620aa4b48","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://github.com/redis/redis/commit/46f4ebbe842620f0976a36741a72482620aa4b48"},{"reference_url":"https://github.com/redis/redis/commit/6cbea7d29b5285692843bc1c351abba1a7ef326f","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://github.com/redis/redis/commit/6cbea7d29b5285692843bc1c351abba1a7ef326f"},{"reference_url":"https://github.com/redis/redis/issues/8712","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://github.com/redis/redis/issues/8712"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230814-0007/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://security.netapp.com/advisory/ntap-20230814-0007/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34987?format=json","purl":"pkg:pypi/redis@6.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/redis@6.2.0"}],"aliases":["CVE-2021-31294","PYSEC-2023-312"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-djsy-vdqj-jqca"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/redis@6.2.0"}