Security bulletins

This page provides information about security bulletins for Memorystore for Redis Cluster.

GCP-2025-061

Published: October 21, 2025

Description

A remote code execution vulnerability was found in open-source Redis. As a result, all versions that Memorystore for Redis Cluster supports are impacted.

By default, clusters in Memorystore for Redis Cluster aren't exposed to the public internet, so the risk of this vulnerability is Low for Memorystore for Redis Cluster users who follow Google Cloud's security best practices.

What should you do?

Google has started applying patches automatically, with an estimated completion date of November 6, 2025. No action is required from you to receive this fix.

If you want to apply these patches to your clusters in Memorystore for Redis Cluster earlier than November 6, 2025, then use self-service maintenance to complete the following actions:

  1. View the current maintenance version of your clusters in Memorystore for Redis Cluster.
  2. Verify if the version matches the latest patched versions.
  3. If the version isn't the latest maintenance version, then update your clusters to the latest maintenance version using self-service maintenance for Memorystore for Redis Cluster.

Severity: Critical

Notes: CVE-2025-49844


Last updated October 29, 2025 UTC.