13 matches found
Photon OS 4.0: Redis PHSA-2026-4.0-1038
An update of the redis package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Oracle Linux 9 : redis:7 (ELSA-2026-25219)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-25219 advisory. 7.2.14-1.0.1 - Build with 64k pages to support redis on UEK on aarch64 7.2.14-1 - rebase to 7.2.14 for CVE-2026-23479 CVE-2026-25243 CVE-2026-23631...
valkey security update
An update is available for valkey. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Valkey is an advanced key-value store. It is often referred to as a data...
RockyLinux 10 : valkey (RLSA-2026:25216)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25216 advisory. redis: use-after-free in unblock client flow may allow remote code execution CVE-2026-23479 redis: Remote code execution via use-after-free in Lua...
TencentOS Server 4: redis (TSSA-2026:0403)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0403 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
SUSE SLES15 Security Update : valkey (SUSE-SU-2026:1949-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1949-1 advisory. This update for valkey fixes the following issues - CVE-2026-23479: use-after-free in unblock client flow may lead to remote code...
Fedora 43 : valkey (2026-76cf27ea56)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-76cf27ea56 advisory. Version 8.1.7 Security fixes - CVE-2026-23479 Use-After-Free in unblock client flow - CVE-2026-25243 Invalid Memory Access in RESTORE command -...
CVE-2026-23479 affecting package valkey for versions less than 8.0.9-1
CVE-2026-23479 affecting package valkey for versions less than 8.0.9-1. A patched version of the package is available...
OESA-2026-2237 redis security update
Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: When a blocked client is evicted while re-executing a blocked command, an authenticated user may trigger a use-after-free and...
redis-8.6.3-1.1 on GA media (moderate)
redis-8.6.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10711-1 Rating: moderate Cross-References: CVE-2026-23479 CVE-2026-23631 CVE-2026-25243 CVE-2026-25588 CVE-2026-25589 CVSS scores: CVE-2026-23479 SUSE : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23479 SUSE : 7.7...
CVE-2026-23479
creationtimestamp| type| source ---|---|--- 2026-05-05 21:05:05+00:00| seen| https://bsky.app/profile/releaseport.com/post/3ml53nebovc2j 2026-05-06 00:07:05+00:00| seen| https://bsky.app/profile/releaseport.com/post/3ml5fsrua3j23 2026-05-06 03:03:07+00:00| seen|...
DEBIAN-CVE-2026-23479
Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...
CVE-2026-23479
Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...