CVE-2024-6875

MEDIUM

Red Hat Data Grid - Buffer Overflow

Title source: llm
STIX 2.1

Description

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API.

References (2)

Core 2
Core References
Vendor Advisory vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2024-6875
Issue Tracking issue-tracking x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2298555

Scores

CVSS v3 6.5
EPSS 0.0025
EPSS Percentile 48.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-401
Status published
Products (3)
org.infinispan/infinispan-query Maven
Red Hat/Red Hat Data Grid 8
Red Hat/Red Hat JBoss Data Grid 7
Published Mar 28, 2025
Tracked Since Feb 18, 2026