CVE-2024-6875: Infinispan Potential Out of Memory Error via REST Compare API Buffer API

March 28, 2025 (updated March 31, 2025)

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API.

References

access.redhat.com/security/cve/CVE-2024-6875
bugzilla.redhat.com/show_bug.cgi?id=2298555
github.com/advisories/GHSA-2q39-w2hw-2pjm
github.com/infinispan/infinispan
nvd.nist.gov/vuln/detail/CVE-2024-6875

Code Behaviors & Features

Detect and mitigate CVE-2024-6875 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →