View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2025-48367 severity important: SUSE including 25 source package names (8.0.2-2.17:valkey-8.0.2-150600.13.14.1, redis-6.0.14-150200.6.40.1, …), 49 product×package rows across 26 product lines (Container private-registry/harbor-valkey, Image pr_15_6, … (26 product lines)): Fixed 49.
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19.