WID-SEC-W-2025-1463 — Vulnetix

WID-SEC-W-2025-1463 PUBLISHED CVSS 8.699999809265137 HIGH

Redis ist ein In-Memory-Datenstrukturspeicher, der als Datenbank, Cache und Message Broker verwendet wird.

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
	Open Source Redis <6.2.19
	Fedora Linux
	IBM DataPower Gateway <10.6.5.0
	IBM DataPower Gateway 10.6.0.7
	Open Source Redis 7.4.5
	Debian Linux
	Open Source Redis 6.2.19
	Open Source Redis <8.0.3
	IBM DataPower Gateway 10.5.0.19
	SUSE Linux
	IBM DataPower Gateway 10.6.5.0
	Open Source Redis <7.4.5
	Open Source Redis 8.0.3
	Open Source Redis <7.2.10
	IBM DataPower Gateway <10.5.0.19
	Amazon Linux 2
	Open Source Redis 7.2.10
	IBM DataPower Gateway <10.6.0.7
	Red Hat Enterprise Linux
	Oracle Linux

Exploit Intelligence

CVE-2025-32023 (github-poc)
Exploit for CVE-2025-32023 (github-poc)
PoC & Exploit for CVE-2025-32023 / PlaidCTF 2025 "Zerodeo" (github-poc)
https://bodhi.fedoraproject.org/updates/FEDORA-2025-34895333b5 (circl)
https://github.com/redis/redis/security/advisories/GHSA-rp2m-q4j6-gr43 (circl)
https://github.com/redis/redis/releases/tag/6.2.19 (circl)
https://github.com/redis/redis/releases/tag/7.2.10 (circl)
https://github.com/redis/redis/releases/tag/7.4.5 (circl)
https://github.com/redis/redis/releases/tag/8.0.3 (circl)
https://alas.aws.amazon.com/AL2/ALAS2REDIS6-2025-013.html (circl)

…and 43 more exploits

Timeline

Jul 6, 2025 CVE Published
Oct 23, 2025 CVE Updated
Jan 3, 2026 PoC Published
Apr 1, 2026 Distribution Patch
Apr 1, 2026 Distribution Patch
Apr 1, 2026 Distribution Patch
Apr 1, 2026 Distribution Patch
Apr 1, 2026 Distribution Patch
Apr 1, 2026 Distribution Patch
Apr 1, 2026 Distribution Patch
Apr 1, 2026 Distribution Patch
Apr 1, 2026 Distribution Patch

References

…and 19 more

Open in Interactive Console →

$ Console Community · 100/wk Open console ›