CVE-2025-29923: go-redis Out-of-Order Response Flaw
🟡 Medium | Source: Microsoft Security Response Center CVE-2025-29923 affects go-redis, a popular Go client library for Redis, where a timeout during the CLIENT SETINFO command at connection establishment can cause responses to be returned out of order. This race condition can result in a client receiving incorrect data, potentially leading to data corruption or unintended application behaviour. Applications using go-redis in Azure or other cloud environments that rely on connection pooling may be silently affected. ...