Security bulletins
Stay organized with collections
Save and categorize content based on your preferences.
This page provides information about security bulletins for Memorystore for Redis.
GCP-2025-061
Published: 2025-10-21
Description
Description
Severity
Notes
A remote code execution vulnerability was found in open-source Redis.
As a result, all versions that Memorystore for Redis supports are impacted.
By default, Memorystore for Redis instances aren't exposed to
the public internet, so the risk of this vulnerability is Low for
Memorystore for Redis users who follow Google Cloud's security best practices.
What should you do?
Google has started applying patches automatically, with an estimated
completion date of November 6, 2025. No action is required from you
to receive this fix.
If you want to apply these patches to your Memorystore for Redis
instances earlier than November 6, 2025, then use self-service
maintenance to complete the following actions:
Verify if the version matches the latest patched versions.
If the version isn't the latest maintenance version, then update
your instances to the latest maintenance version using self-service
maintenance for Memorystore for Redis.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-10-22 UTC."],[],[]]
