vulnerability

Redis: Out-of-bounds Write (CVE-2021-3470)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Mar 31, 2021	Apr 7, 2021	Aug 11, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Mar 31, 2021

Added

Apr 7, 2021

Modified

Aug 11, 2025

Description

A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use jemalloc or glibc malloc.

Solutions

redislabs-redis-upgrade-5_0_10redislabs-redis-upgrade-6_0_9

References

CVE-2021-3470
https://attackerkb.com/topics/CVE-2021-3470
CWE-119
CWE-787

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today