Redis is generally backward compatible with very few exceptions, so we recommend users to always use the latest version to experience stability, performance and security.
We generall 8000 y backport security issues to a single previous major version, unless this is not possible or feasible with a reasonable effort.
| Version | Supported |
|---|---|
| 8.0.x | ✅ |
| 7.4.x | ✅ |
| 7.2.x | ✅ |
| < 7.2.x | ❌ |
| 6.2.x | ✅ Support may be removed after end of 2025 |
| < 6.2.x | ❌ |
If you believe you've discovered a serious vulnerability, please contact the Redis core team at redis@redis.io. We will evaluate your report and if necessary issue a fix and an advisory. If the issue was previously undisclosed, we'll also mention your name in the credits.
In some cases, we may apply a responsible disclosure process to reported or otherwise discovered vulnerabilities. We will usually do that for a critical vulnerability, and only if we have a good reason to believe information about it is not yet public.
This process involves providing an early notification about the vulnerability, its impact and mitigations to a short list of vendors under a time-limited embargo on public disclosure.
If you believe you should be on the list, please contact us and we will consider your request based on the above criteria.