REDIS ON WINDOWS DBGHELP.DLL UNCONTROLLED SEARCH PATH

A vulnerability was found in [Redis](https://vuldb.com/?product.redis) on Windows ([the affected version is unknown](https://vuldb.com/?kb.version)). It has been declared as critical.

This vulnerability affects an unknown functionality in the library C:/Program Files/Redis/dbghelp.dll. The manipulation with an unknown input leads to a privilege escalation vulnerability. The CWE definition for the vulnerability is [CWE-427](https://vuldb.com/?vulnerability_cwe.212416).

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. As an impact it is known to affect confidentiality, integrity, and availability.

The weakness was released 10/28/2022. The advisory is shared for download at [cnblogs.com](https://vuldb.com/?advisory_url.212416).

Refer https://vuldb.com/?id.212416 for more details

Please let us know about the impact of the issue and by when and in which version this issue can be expected to get fixed ?

Best Regards,
Apoorv

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

REDIS ON WINDOWS DBGHELP.DLL UNCONTROLLED SEARCH PATH #272

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

REDIS ON WINDOWS DBGHELP.DLL UNCONTROLLED SEARCH PATH #272

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions