ApsaraDB for Redis has addressed the CVE-2022-24834 security vulnerability by providing security patches for various Redis versions. We recommend that you upgrade your ApsaraDB for Redis instance to the latest version at the earliest opportunity.
Vulnerability details
Scope of impact
All instances whose major version is earlier than or equal to Redis 7.0
Suggestions
If your instance runs Redis 7.0, 6.0, or 5.0, we recommend that you update the minor version of the instance at the earliest opportunity. For Redis 7.0, the recommended minor version is 7.0.1.2 or later. For Redis 6.0, the recommended minor version is 6.0.2.4 or later. For Redis 5.0, the recommended minor version is 5.2.4 or later. For more information, see Update the minor version.
If the major version of your instance is earlier than Redis 5.0, we recommend that you upgrade the major version of the instance at the earliest opportunity. For more information, see Upgrade the major version.