Actively exploited vulnerability

CVE-2022-0543: Debian-specific Redis Server Lua Sandbox Escape Vulnerability

Redis is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

CISA KEV source 28 Mar 2022 added 18 Apr 2022 remediation due

Affected product

Redis · Debian-specific Redis Servers

Known ransomware use: Unknown

Required action

Follow the source advisory and validate exposure in your environment.

Apply updates per vendor instructions.

Related Yasna coverage

Recent reporting that mentions CVE-2022-0543.