Hi Redis Team,
I am Veerappan from Honeywell. We are using Redis Server version 6.2.5 in one of our project and that version has reported a Security Risk of Lua Library with version 5.1.5 by our internal binary scanning tool.
So, we tried updating the latest version of Redis which released this month v6.2.6 and it still uses the Lua Library with the same version 5.1.5.
Can you please let us know what is the fix plan to update the Lua Library with a non-vulnerable version that has no security risk?
We are holding our deliverables related to Redis to production because of this vulnerable detected.
So it would be really great, if you please let us know your fix plan for this vulnerable ASAP, upon which we can plan accordingly.
Thanks,
Veera