[Git][security-tracker-team/security-tracker][master] Update status for some redis/redict/valkey issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Oct 5 20:15:36 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a78f1d63 by Salvatore Bonaccorso at 2025-10-05T21:14:23+02:00
Update status for some redis/redict/valkey issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -925,19 +925,25 @@ CVE-2025-47210 (A NULL pointer dereference vulnerability has been reported to af
 	NOT-FOR-US: QNAP
 CVE-2025-46819 (Redis is an open source, in-memory database that persists on disk. Ver ...)
 	- redis <unfixed>
+	- redict <unfixed>
+	- valkey <unfixed>
 	NOTE: https://github.com/redis/redis/security/advisories/GHSA-4c68-q8q8-3g4f
 	NOTE: https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba (8.2.2)
-	TODO: check impact and redict and valkey fork
+	NOTE: https://github.com/valkey-io/valkey/commit/6dd003e88feace83e55491f32376f6927896e31e
 CVE-2025-46818 (Redis is an open source, in-memory database that persists on disk. Ver ...)
 	- redis <unfixed>
+	- redict <unfixed>
+	- valkey <unfixed>
 	NOTE: https://github.com/redis/redis/security/advisories/GHSA-qrv7-wcrx-q5jp
 	NOTE: https://github.com/redis/redis/commit/45eac0262028c771b6f5307372814b75f49f7a9e (8.2.2)
-	TODO: check impact and redict and valkey fork
+	NOTE: https://github.com/valkey-io/valkey/commit/6dd003e88feace83e55491f32376f6927896e31e
 CVE-2025-46817 (Redis is an open source, in-memory database that persists on disk. Ver ...)
 	- redis <unfixed>
+	- redict <unfixed>
+	- valkey <unfixed>
 	NOTE: https://github.com/redis/redis/security/advisories/GHSA-m8fj-85cg-7vhp
 	NOTE: https://github.com/redis/redis/commit/fc9abc775e308374f667fdf3e723ef4b7eb0e3ca (8.2.2)
-	TODO: check impact and redict and valkey fork
+	NOTE: https://github.com/valkey-io/valkey/commit/6dd003e88feace83e55491f32376f6927896e31e
 CVE-2025-44014 (An out-of-bounds write vulnerability has been reported to affect Qsync ...)
 	NOT-FOR-US: QNAP
 CVE-2025-44012 (An allocation of resources without limits or throttling vulnerability  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a78f1d63a9a528d4fd9983c4073e09eb615176db

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a78f1d63a9a528d4fd9983c4073e09eb615176db
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251005/60340724/attachment.htm>

More information about the debian-security-tracker-commits mailing list