发布于3月6日3月6日 Members FreeBSD: VID-A60CC0E4-C7AA-11ED-8A4B-080027F5FEC9 (CVE-2023-28425): redis -- specially crafted MSETNX command can lead to denial-of-service Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 03/20/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10. Solution(s) freebsd-upgrade-package-redis freebsd-upgrade-package-redis-devel References CVE-2023-28425
