{"affected":[{"ecosystem_specific":{"binaries":[{"valkey":"8.0.2-150700.3.5.1","valkey-compat-redis":"8.0.2-150700.3.5.1","valkey-devel":"8.0.2-150700.3.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP7","name":"valkey","purl":"pkg:rpm/suse/valkey&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.0.2-150700.3.5.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for valkey fixes the following issues:\n\n- CVE-2025-27151: Absence of filename size check may cause a stack\n  overflow (bsc#1243804)\n- CVE-2025-49112: setDeferredReply integer underflow (bsc#1243913)\n- CVE-2025-21605: Output buffer denial of service (bsc#1241708)\n","id":"SUSE-SU-2025:01942-1","modified":"2025-06-13T08:33:49Z","published":"2025-06-13T08:33:49Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202501942-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241708"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243061"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243804"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243913"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21605"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-27151"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-49112"}],"related":["CVE-2025-21605","CVE-2025-27151","CVE-2025-49112"],"summary":"Security update for valkey","upstream":["CVE-2025-21605","CVE-2025-27151","CVE-2025-49112"]}