CVE-2020-35668: Null Pointer Dereference
First published: Wed Dec 23 2020(Updated: )
RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redislabs Redisgraph | >=2.0.0<2.2.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for RedisGraph?
The vulnerability ID for RedisGraph is CVE-2020-35668.
What is the severity rating of CVE-2020-35668?
CVE-2020-35668 has a severity rating of 7.5 (high).
How does CVE-2020-35668 affect RedisGraph?
CVE-2020-35668 affects RedisGraph versions 2.x through 2.2.11.
What is the impact of CVE-2020-35668?
The impact of CVE-2020-35668 is a NULL pointer dereference that leads to a server crash.
Is there a fix available for CVE-2020-35668?
Yes, a fix for CVE-2020-35668 is available. Please refer to the official GitHub issue and pull request for more information.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/redislabs
- canonical/redislabs redisgraph
- version/redislabs redisgraph/2.0.0