AWS Security ChangesHomeSearch

AWS AmazonElastiCache high security documentation change

Service: AmazonElastiCache · 2025-10-01 · Security-related high

File: AmazonElastiCache/latest/dg/cve.md

Summary

Updated CVE table with new Valkey/Redis versions and addressed vulnerabilities, including CVE-2025-21607 and others

Security assessment

The changes explicitly document newly addressed CVEs (e.g., CVE-2025-21607, CVE-2024-51741) across multiple Redis/Valkey versions, providing concrete evidence of security vulnerability remediation. This directly informs users about patched security issues.

Diff

diff --git a/AmazonElastiCache/latest/dg/cve.md b/AmazonElastiCache/latest/dg/cve.md
index f2f0e90db..cfa44bfa9 100644
--- a//AmazonElastiCache/latest/dg/cve.md
+++ b//AmazonElastiCache/latest/dg/cve.md
@@ -22 +22 @@ You can use the following table to verify whether a particular version of Elasti
-ElastiCache for Redis OSS version | CVEs Addressed  
+ElastiCache version | CVEs Addressed  
@@ -23,0 +24,6 @@ ElastiCache for Redis OSS version | CVEs Addressed
+Valkey 7.2 and 7.3 |  [CVE-2025-21607](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21607)*, [CVE-2025-21605](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21605)*, [CVE-2024-31449](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31449)*, [CVE-2024-31227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31227)*, [CVE-2024-31228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31228)*   
+Redis OSS 7.2.7 |  [CVE-2024-51741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-51741)  
+Redis OSS 7.1 and 6.2 |  [CVE-2025-21605](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21605)*, [CVE-2024-31449](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31449)*, [CVE-2024-31227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31227)*, [CVE-2024-31228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31228)*, [CVE-2023-41056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41056)  
+Redis OSS 7.0.7 |  [CVE-2023-41056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41056)*   
+Redis OSS 6.2.7 |  [CVE-2024-46981](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46981)  
+Redis OSS 6.2.6 |  [CVE-2022-24834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24834)*, [CVE-2022-35977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35977)*, [CVE-2022-36021](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36021)*, [CVE-2023-22458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22458), [CVE-2023-25155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25155), [CVE-2023-28856](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28856) [CVE-2023-45145](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45145): Note that this CVE has been addressed in Redis OSS 6.2 and 7.0 but not in Redis OSS 7.1.   
@@ -25,3 +30,0 @@ Redis OSS 6.0.5 |  [CVE-2022-24735](https://cve.mitre.org/cgi-bin/cvename.cgi?na
-Redis OSS 6.2.6 |  [CVE-2022-24834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24834)*, [CVE-2022-35977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35977)*, [CVE-2022-36021](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36021)*, [CVE-2022-24735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24735), [CVE-2022-24736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24736), [CVE-2023-22458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22458), [CVE-2023-25155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25155) [CVE-2023-28856](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28856), [CVE-2023-45145](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45145)  
-Redis OSS 7.0.7 |  [CVE-2023-41056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41056)*, [CVE-2022-24834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24834)*, [CVE-2022-35977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35977), [CVE-2022-36021](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36021), [CVE-2022-24735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24735), [CVE-2022-24736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24736)  
-Redis OSS 7.1.0 |  [CVE-2023-41056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41056), [CVE-2022-24834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24834), [CVE-2022-35977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35977), [CVE-2022-36021](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36021), [CVE-2022-24735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24735), [CVE-2022-24736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24736)