Vulnerability
KeyDB inherits CVE-2020-4670 from Redis — Default configuration lacks authentication.
Verification
The upstream fix for this CVE has not been cherry-picked into KeyDB. Verified by checking KeyDB latest master (git sha 603ebb27) — fix commit absent, vulnerable code path present.
Suggested Fix
Configure requirepass or use protected-mode
Vulnerability
KeyDB inherits CVE-2020-4670 from Redis — Default configuration lacks authentication.
Verification
The upstream fix for this CVE has not been cherry-picked into KeyDB. Verified by checking KeyDB latest master (git sha
603ebb27) — fix commit absent, vulnerable code path present.Suggested Fix
Configure requirepass or use protected-mode