Updated redis packages fix security vulnerability

🗓️ 24 Apr 2023 00:20:26Reported by Gentoo FoundationType

Updated redis packages fix security vulnerability. Authenticated users HINCRBYFLOAT command creates invalid hash field, causing Redis crash on access. (CVE-2023-28856

Reporter	Title	Published	Views	Family All 122
IBM Security Bulletins	Security Bulletin: IBM QRadar Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	29 Jan 202520:13	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Python, OpenSSH, Golang Go, Minio and Redis may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift	26 Mar 202503:50	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in Redis may affect IBM Robotic Process Automation for Cloud Pak	2 Jan 202420:21	–	ibm
FreeBSD	redis -- HINCRBYFLOAT can be used to crash a redis-server process	17 Apr 202300:00	–	freebsd
Tenable Nessus	Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2023-164)	3 May 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0014: redis:6 (ALINUX3-SA-2025:0014)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : redis:6 (ALSA-2025:0595)	23 Jan 202500:00	–	nessus
Tenable Nessus	Debian dla-3396 : redis - security update	25 Apr 202300:00	–	nessus
Tenable Nessus	Debian dla-3885 : redis - security update	10 Sep 202400:00	–	nessus
Tenable Nessus	Fedora 36 : redis (2023-04239b5758)	26 Apr 202300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Mageia	8	any	redis	6.0.19-1	redis-6.0.19-1.noarch.rpm

Source	Link
bugs	www.bugs.mageia.org/show_bug.cgi
github	www.github.com/redis/redis/releases/tag/6.0.19

24 Apr 2023 00:20Current

7High risk

Vulners AI Score7

CVSS 3.15.5 - 6.5

EPSS0.00963

SSVC