Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue.
History

Sun, 08 Sep 2024 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat acm
CPEs cpe:/a:redhat:acm:2.6::el8
Vendors & Products Redhat
Redhat acm

Mon, 19 Aug 2024 22:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:acm:2.6::el8
Vendors & Products Redhat
Redhat acm

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-04-18T20:50:03.691Z

Updated: 2024-08-02T13:51:38.912Z

Reserved: 2023-03-24T16:25:34.468Z

Link: CVE-2023-28856

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-04-18T21:15:09.313

Modified: 2024-11-21T07:56:10.077

Link: CVE-2023-28856

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-04-17T00:00:00Z

Links: CVE-2023-28856 - Bugzilla