Vulnerability
KeyDB inherits CVE-2024-46981 from Redis — Lua GC manipulation leading to use-after-free.
Verification
The upstream fix for this CVE has not been cherry-picked into KeyDB. Verified by checking KeyDB latest master (git sha 603ebb27) — fix commit absent, vulnerable code path present.
Suggested Fix
Upstream Redis fix
Vulnerability
KeyDB inherits CVE-2024-46981 from Redis — Lua GC manipulation leading to use-after-free.
Verification
The upstream fix for this CVE has not been cherry-picked into KeyDB. Verified by checking KeyDB latest master (git sha
603ebb27) — fix commit absent, vulnerable code path present.Suggested Fix
Upstream Redis fix