Redis’ Lua scripting subsystem contained a subtle but consequential weakness that let a less‑privileged user inject code which could later execute with the privileges of a higher‑privileged Redis user — a bug tracked as CVE‑2022‑24735 and fixed in Redis 6.2.7 and 7.0.0. Background / Overview...
