CVE-2023-28858 - OpenCVE

redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4.3, and 4.5.3 were released (changing the behavior for pipeline operations); however, please see CVE-2023-28859 about addressing data leakage across AsyncIO connections in general.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Redis	Redis-py

Configuration 1 [-]

OR	cpe:2.3:a:redis:redis-py::::::::
	cpe:2.3:a:redis:redis-py::::::::
	cpe:2.3:a:redis:redis-py::::::::

References

Link	Resource
https://github.com/redis/redis-py/compare/v4.3.5...v4.3.6	Patch
https://github.com/redis/redis-py/compare/v4.4.2...v4.4.3	Patch
https://github.com/redis/redis-py/compare/v4.5.2...v4.5.3	Patch
https://github.com/redis/redis-py/issues/2624	Issue Tracking
https://github.com/redis/redis-py/pull/2641	Issue Tracking Patch
https://openai.com/blog/march-20-chatgpt-outage	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-03-26T00:00:00

Updated: 2023-03-30T21:53:08.718814Z

Reserved: 2023-03-26T00:00:00

Link: CVE-2023-28858

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-03-26T19:15:06.780

Modified: 2023-05-17T17:07:38.017

Link: CVE-2023-28858

JSON object: View

Redhat Information

No data.

CWE

CWE-193

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redis:redis-py:*:*:*:*:*:*:*:*", "matchCriteriaId": "01B96893-5078-47C0-A2F2-D1039A45152D", "versionEndExcluding": "4.3.6", "versionStartIncluding": "4.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redis:redis-py:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4512975-5839-4179-9B9E-526526E02C6F", "versionEndExcluding": "4.4.3", "versionStartIncluding": "4.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redis:redis-py:*:*:*:*:*:*:*:*", "matchCriteriaId": "5782D240-CF0F-41B0-9A06-47DD9E51C075", "versionEndExcluding": "4.5.3", "versionStartIncluding": "4.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4.3, and 4.5.3 were released (changing the behavior for pipeline operations); however, please see CVE-2023-28859 about addressing data leakage across AsyncIO connections in general."}], "id": "CVE-2023-28858", "lastModified": "2023-05-17T17:07:38.017", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-26T19:15:06.780", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/redis/redis-py/compare/v4.3.5...v4.3.6"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/redis/redis-py/compare/v4.4.2...v4.4.3"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/redis/redis-py/compare/v4.5.2...v4.5.3"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://github.com/redis/redis-py/issues/2624"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/redis/redis-py/pull/2641"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://openai.com/blog/march-20-chatgpt-outage"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-193"}], "source": "nvd@nist.gov", "type": "Primary"}]}