DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2023-28856

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-28856

CGA ID

CGA-xg5m-x2j2-2q37

Severity

6.5

Medium

CVSS V3

Description

Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images