CVE-2016-8339 is a vulnerability in Redis Labs Redis
Published on October 28, 2016
A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution.
Products Associated with CVE-2016-8339
Want to know whenever a new CVE is published for Redis Labs Redis? stack.watch will email you.
Affected Versions
Redis Version 3.2.x prior to 3.2.4 is affected by CVE-2016-8339Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.