Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue.
Metrics
Affected Vendors & Products
References
History
Sun, 08 Sep 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat acm |
|
CPEs | cpe:/a:redhat:acm:2.6::el8 | |
Vendors & Products |
Redhat
Redhat acm |
Mon, 19 Aug 2024 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | ||
Vendors & Products |
Redhat
Redhat acm |
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-04-18T20:50:03.691Z
Updated: 2024-08-02T13:51:38.912Z
Reserved: 2023-03-24T16:25:34.468Z
Link: CVE-2023-28856
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-04-18T21:15:09.313
Modified: 2024-11-21T07:56:10.077
Link: CVE-2023-28856
Redhat