redisgraph@2.0 vulnerabilities

RedisGraph Python Client

Direct Vulnerabilities

Known vulnerabilities in the redisgraph package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • Out-of-bounds Write (severity: High)

redisgraph is a RedisGraph Python Client

Affected versions of this package are vulnerable to Out-of-bounds Write in string_funcs.c, allowing an attacker to execute arbitrary code.

How to fix Out-of-bounds Write?

A fix was pushed into the master branch but not yet published.

Vulnerable versions: [0,)

  • NULL Pointer Dereference (severity: High)

redisgraph is a RedisGraph Python Client

Affected versions of this package are vulnerable to NULL Pointer Dereference. It mishandles an unquoted string, such as an alias that has not yet been introduced.

How to fix NULL Pointer Dereference?

Upgrade redisgraph to version 2.4.0 or higher.

Vulnerable versions: [0,2.4.0)