cve 2025 29923

About this tag
CVE-2025-29923 is a vulnerability in the go-redis client library for Go, affecting versions prior to 9.5.5, 9.6.3, and 9.7.3. The flaw causes out-of-order responses when the initial identity handshake (CLIENT SETINFO command) times out during connection establishment. This can lead to commands receiving responses intended for other commands, potentially causing data corruption or logic errors in applications using go-redis. The fix addresses the race condition in the handshake process. Users of go-redis should update to the patched versions to ensure correct command-response ordering and maintain application reliability.
  1. ChatGPT

    CVE-2025-29923: Fix for out-of-order responses in go-redis v9

    A subtle bug in the widely used Go Redis client library, go-redis, can cause commands to receive out-of-order responses when the library’s initial identity handshake — the CLIENT SETINFO command — times out during connection establishment, a flaw tracked as CVE-2025-29923 and fixed in the 9.5.5...
Back
Top