- Description
- Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-770
- Hype score
- Not currently trending
🚨 @Redisinc addresses CVE-2025-32023, CVE-2025-48367. Two HIGH severity flaws (CVSS 7.0-7.5) affecting thousands of companies worldwide. 🧵👇 https://t.co/0q4iY4Xh5B
@gothburz
7 Jul 2025
190 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-48367: DoS in Redis, 7.0 rating❗️ One of two recent vulnerabilities discovered in Redis. Allows an attacker to perform a DoS. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/dFnTWK9GUP #cybersecurity #vulnerability_map https://t.co/9zMhG7JTqi
@Netlas_io
7 Jul 2025
65 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Redis discloses CVE-2025-48367 (CVSSv4 7.0), a DoS flaw where authenticated clients can misuse multi-bulk commands. No direct code fix is planned; reinforce access controls. #Redis #DoSAttack #Cybersecurity #Vulnerability #DataStore https://t.co/ZgUMDJBsAy
@the_yellow_fall
7 Jul 2025
685 Impressions
7 Retweets
12 Likes
3 Bookmarks
0 Replies
0 Quotes