MiracleLinux 8 : redis:6 (AXSA:2025-9955:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9955:01 advisory. redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client CVE-2025-21605 Tenable has extracted the preceding...

OESA-2025-2839 redis6 security update

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

TencentOS Server 4: redis (TSSA-2025:0376)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0376 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

RLSA-2025:7429 Important: redis:7 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

MGASA-2025-0171 Updated redis packages fix security vulnerability

Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client. CVE-2025-21605...

RHEL 8 : redis:6 (RHSA-2025:7686)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7686 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients see client-output-buffer-limit...

redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients see client-output-buffer-limit...

OESA-2025-1474 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An...

redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients see client-output-buffer-limit...

Important: Red Hat Security Advisory: redis security update

An update for redis is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Fedora 40 : redis (2025-290b0c6e2b)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-290b0c6e2b advisory. Redis 7.2.8 Released Wed 23 Apr 2025 12:00:00 IST Update urgency: SECURITY: There are security fixes in the release. Security fixes CVE-2025-21605 An...

Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2025-949)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-949 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the serve...

Amazon Linux 2 : redis (ALASREDIS6-2025-012)

The version of redis installed on the remote host is prior to 6.2.14-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2REDIS6-2025-012 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An...

BIT-REDIS-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...

FreeBSD : redis,valkey -- DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client (af8d043f-20df-11f0-b9c5-000c295725e4)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the af8d043f-20df-11f0-b9c5-000c295725e4 advisory. Axel Mierczuk reports: By default, the Redis configuration does not limit the output buffer of normal...

CVE-2025-21605

CVE-2025-21605 affects Redis where, in versions starting at 2.6 and before 7.4.3, an unauthenticated client can cause unlimited growth of the output buffer, exhausting memory and potentially crashing the server. The issue occurs because Redis’ default client-output-buffer-limit does not cap norma...

CVE-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...

CVE-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...