CVE-2024-6875

Published: Mar 28, 2025Modified: Apr 1, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: secalert@redhat.com (Secondary)

Description

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API.

Related CWEs

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (2)

https://access.redhat.com/security/cve/CVE-2024-6875

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2298555

Source: secalert@redhat.com

Timeline

No history available yet.