FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-04-25 06:28:01 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
af8d043f-20df-11f0-b9c5-000c295725e4	redis,valkey -- DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client Axel Mierczuk reports: By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted and the memory is unavailable. When password authentication is enabled on the Redis server, but no password is provided, the client can still cause the output buffer to grow from "NOAUTH" responses until the system will run out of memory. Discovery 2025-04-23 Entry 2025-04-24 redis < 7.4.3 redis72 < 7.2,8 redis62 < 6.2.18 valkey < 8.1.1 CVE-2025-21605 https://github.com/redis/redis/security/advisories/GHSA-r67f-p999-2gff

VuXML ID

Description

af8d043f-20df-11f0-b9c5-000c295725e4

redis,valkey -- DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Axel Mierczuk reports:

By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted and the memory is unavailable.

When password authentication is enabled on the Redis server, but no password is provided, the client can still cause the output buffer to grow from "NOAUTH" responses until the system will run out of memory.

Discovery 2025-04-23
Entry 2025-04-24
redis

< 7.4.3

redis72

< 7.2,8

redis62

< 6.2.18

valkey

< 8.1.1

CVE-2025-21605
https://github.com/redis/redis/security/advisories/GHSA-r67f-p999-2gff