CVE-2024-6875

Name of the Vulnerable Software and Affected Versions Red Hat JBoss Data Grid versions 7 through 8

Description A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API.

Recommendations For Red Hat JBoss Data Grid versions 7 through 8, consider restricting access to the REST compare API to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid sending large POST data to the REST API.