AWS Security ChangesHomeSearch

AWS memorydb high security documentation change

Service: memorydb · 2025-10-10 · Security-related high

File: memorydb/latest/devguide/cve.md

Summary

Added new CVEs (CVE-2025-49844, CVE-2025-46817, etc.) and updated CVE mappings for Valkey/Redis versions, including corrections to existing entries.

Security assessment

Directly documents newly addressed security vulnerabilities via CVE entries. The addition of CVEs like CVE-2025-49844 and updates to existing vulnerability mappings constitute concrete evidence of security-related documentation.

Diff

diff --git a/memorydb/latest/devguide/cve.md b/memorydb/latest/devguide/cve.md
index 67052b643..9312e22f2 100644
--- a//memorydb/latest/devguide/cve.md
+++ b//memorydb/latest/devguide/cve.md
@@ -23,0 +24 @@ MemoryDB version | CVEs Addressed
+Valkey 7.3 and all previous versions of Valkey Redis OSS 7.1 and all previous versions of Redis OSS |  [CVE-2025-49844](https://www.cve.org/CVERecord?id=CVE-2025-49844)*, [CVE-2025-46817](https://www.cve.org/CVERecord?id=CVE-2025-46817)*, [CVE-2025-46818](https://www.cve.org/CVERecord?id=CVE-2025-46818)*, [CVE-2025-46819](https://www.cve.org/CVERecord?id=CVE-2025-46819)*   
@@ -25,3 +26,3 @@ Valkey 7.2 and 7.3 |  [CVE-2025-21607](https://cve.mitre.org/cgi-bin/cvename.cgi
-Redis OSS 7.1 and 6.2 |  [CVE-2025-21605](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21605)*, [CVE-2024-31449](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31449)*, [CVE-2024-31227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31227)*, [CVE-2024-31228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31228)*   
-Redis OSS 6.0.5 |  [CVE-2022-24735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24735)*, [CVE-2022-24736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24736)*  
-Redis OSS 6.2.6 |  [CVE-2022-24834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24834)*, [CVE-2022-35977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35977)*, [CVE-2022-36021](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36021)*, [CVE-2022-24735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24735), [CVE-2022-24736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24736), [CVE-2023-22458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22458), [CVE-2023-25155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25155) [CVE-2023-28856](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28856), [CVE-2023-45145](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45145)  
+Valkey 7.2.7 |  [CVE-2024-51741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-51741)  
+Redis OSS 7.1 and 6.2 |  [CVE-2025-21605](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21605)*, [CVE-2024-31449](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31449)*, [CVE-2024-31227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31227)*, [CVE-2024-31228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31228)*, [CVE-2023-41056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41056)  
+Redis OSS 7.0.7 |  [CVE-2023-41056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41056)*   
@@ -29,3 +30,2 @@ Redis OSS 6.2.7 |  [CVE-2024-46981](https://cve.mitre.org/cgi-bin/cvename.cgi?na
-Redis OSS 7.0.7 |  [CVE-2023-41056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41056)*, [CVE-2022-24834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24834)*, [CVE-2022-35977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35977), [CVE-2022-36021](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36021), [CVE-2022-24735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24735), [CVE-2022-24736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24736)  
-Redis OSS 7.1.0 |  [CVE-2023-41056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41056), [CVE-2022-24834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24834), [CVE-2022-35977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35977), [CVE-2022-36021](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36021), [CVE-2022-24735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24735), [CVE-2022-24736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24736)  
-Redis OSS 7.2.7 |  [CVE-2024-51741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-51741)  
+Redis OSS 6.2.6 |  [CVE-2022-24834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24834)*, [CVE-2022-35977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35977)*, [CVE-2022-36021](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36021)*, [CVE-2023-22458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22458), [CVE-2023-25155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25155), [CVE-2023-28856](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28856) [CVE-2023-45145](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45145): Note that this CVE has been addressed in Redis OSS 6.2 and 7.0 but not in Redis OSS 7.1.   
+Redis OSS 6.0.5 |  [CVE-2022-24735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24735)*, [CVE-2022-24736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24736)*