24 matches found
Astra Linux - уязвимость в redis
Redis is an open-source, in-memory database that persists data on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field, which will cause a crash in Redis when accessed in affected versions. This issue has been addressed in versions 7.0.11, 6.2.12, and 6.0.19...
EUVD-2023-32480
Malicious code in bioql PyPI...
SUSE SLES15 Security Update : redis (SUSE-SU-2023:3407-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3407-1 advisory. - Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overfl...
FreeBSD : redis -- HINCRBYFLOAT can be used to crash a redis-server process (96b2d4db-ddd2-11ed-b6ea-080027f5fec9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 96b2d4db-ddd2-11ed-b6ea-080027f5fec9 advisory. - Redis is an open source, in-memory database that persists on disk. Authenticated users can use the...
Medium: redis6
Issue Overview: Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10...
Improper Input Validation
redis is vulnerable to Improper Input Validation. The vulnerability allows the 'HINCRBYFLOAT' command to be used by authenticated users which creates an invalid hash fish which crashes redis...
Fedora 37 : redis (2023-5b6510a584)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5b6510a584 advisory. Redis 7.0.11 Released Mon Apr 17 16:00:00 IST 2023 Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: CVE-2023-28856...
Fedora 38 : redis (2023-e4e3393396)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e4e3393396 advisory. Redis 7.0.11 Released Mon Apr 17 16:00:00 IST 2023 Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: CVE-2023-28856...
`HINCRBYFLOAT` can be used to crash a redis-server process
...
Updated redis packages fix security vulnerability
Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access. CVE-2023-28856...
Redis < 6.0.19, 6.2.x < 6.2.12, 7.0.x < 7.0.11 DoS Vulnerability
Redis is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:redis:redis"; if...
CVE-2023-28856
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
DEBIAN-CVE-2023-28856
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
AZL-26290 CVE-2023-28856 affecting package redis for versions less than 6.2.12-1
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
CVE-2023-28856
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
UBUNTU-CVE-2023-28856
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
CVE-2023-28856 `HINCRBYFLOAT` can be used to crash a redis-server process
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
CVE-2023-28856 `HINCRBYFLOAT` can be used to crash a redis-server process
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
CVE-2023-28856
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...
SUSE CVE-2023-28856
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised ...