FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

redis -- specially crafted MSETNX command can lead to denial-of-service

Affected packages
		redis	<	7.0.10
		redis-devel	<	7.0.10.20230320

Details

VuXML ID	a60cc0e4-c7aa-11ed-8a4b-080027f5fec9
Discovery	2023-03-20
Entry	2023-03-21

Yupeng Yang reports:

Authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process.

[source]

References

CVE Name	CVE-2023-28425
URL	https://github.com/redis/redis/security/advisories/GHSA-mvmm-4vq6-vw8c

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.