[Git][security-tracker-team/security-tracker][master] Add three redis issues, initial tracking

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Oct 3 22:18:53 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
899cf9ea by Salvatore Bonaccorso at 2025-10-03T23:18:10+02:00
Add three redis issues, initial tracking

Futthermore needs triage for redict and valkey.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -193,11 +193,20 @@ CVE-2025-47211 (A path traversal vulnerability has been reported to affect sever
 CVE-2025-47210 (A NULL pointer dereference vulnerability has been reported to affect Q ...)
 	NOT-FOR-US: QNAP
 CVE-2025-46819 (Redis is an open source, in-memory database that persists on disk. Ver ...)
-	TODO: check
+	- redis <unfixed>
+	NOTE: https://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f
+	NOTE: https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba (8.2.2)
+	TODO: check impact and redict and valkey fork
 CVE-2025-46818 (Redis is an open source, in-memory database that persists on disk. Ver ...)
-	TODO: check
+	- redis <unfixed>
+	NOTE: https://github.com/redis/redis/security/advisories/GHSA-qrv7-wcrx-q5jp
+	NOTE: https://github.com/redis/redis/commit/45eac0262028c771b6f5307372814b75f49f7a9e (8.2.2)
+	TODO: check impact and redict and valkey fork
 CVE-2025-46817 (Redis is an open source, in-memory database that persists on disk. Ver ...)
-	TODO: check
+	- redis <unfixed>
+	NOTE: https://github.com/redis/redis/security/advisories/GHSA-m8fj-85cg-7vhp
+	NOTE: https://github.com/redis/redis/commit/fc9abc775e308374f667fdf3e723ef4b7eb0e3ca (8.2.2)
+	TODO: check impact and redict and valkey fork
 CVE-2025-44014 (An out-of-bounds write vulnerability has been reported to affect Qsync ...)
 	NOT-FOR-US: QNAP
 CVE-2025-44012 (An allocation of resources without limits or throttling vulnerability  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/899cf9ead387e02c2e32c7c061258af61de41108

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/899cf9ead387e02c2e32c7c061258af61de41108
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251003/5d004fde/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list