{"id":"CVE-2022-0543","details":"It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.","aliases":["BIT-redis-2022-0543"],"modified":"2026-03-13T05:21:29.455070Z","published":"2022-02-18T20:15:17.583Z","related":["CGA-vq8r-8j75-3r5p"],"references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0543"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-security-announce/2022/msg00048.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220331-0004/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5081"},{"type":"ADVISORY","url":"https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"},{"type":"FIX","url":"https://bugs.debian.org/1005787"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-0543.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}]}