GHSA-2q39-w2hw-2pjm

Source

https://github.com/advisories/GHSA-2q39-w2hw-2pjm

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-2q39-w2hw-2pjm/GHSA-2q39-w2hw-2pjm.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-2q39-w2hw-2pjm

Aliases

CVE-2024-6875

Published

2025-03-28T21:30:47Z

Modified

2025-03-31T17:04:46.959571Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

Infinispan Potential Out of Memory Error via REST Compare API Buffer API

Details

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API.

Database specific

{
    "nvd_published_at": "2025-03-28T21:15:17Z",
    "cwe_ids": [
        "CWE-401"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-31T16:10:04Z"
}

References

Affected packages

Maven / org.infinispan:infinispan-query

Package

Name: org.infinispan:infinispan-query; View open source insights on deps.dev
Purl: pkg:maven/org.infinispan/infinispan-query

Affected ranges

Affected versions

15.*

15.1.0.Dev01

Maven / org.infinispan:infinispan-query

Package

Name: org.infinispan:infinispan-query; View open source insights on deps.dev
Purl: pkg:maven/org.infinispan/infinispan-query

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

15.0.5.Final

Affected versions

5.*

5.0.0.FINAL

5.0.1.FINAL

5.1.0.ALPHA1

5.1.0.ALPHA2

5.1.0.BETA1

5.1.0.BETA2

5.1.0.BETA3

5.1.0.BETA4

5.1.0.BETA5

5.1.0.CR1

5.1.0.CR2

5.1.0.CR3

5.1.0.CR4

5.1.0.FINAL

5.1.1.CR1

5.1.1.FINAL

5.1.2.CR1

5.1.2.FINAL

5.1.3.CR1

5.1.3.FINAL

5.1.4.CR1

5.1.4.FINAL

5.1.5.CR1

5.1.5.FINAL

5.1.6.FINAL

5.1.7.Final

5.1.8.Final

5.2.0.ALPHA1

5.2.0.ALPHA2

5.2.0.Alpha3

5.2.0.Alpha4

5.2.0.Beta1

5.2.0.Beta2

5.2.0.Beta3

5.2.0.Beta4

5.2.0.Beta5

5.2.0.Beta6

5.2.0.CR1

5.2.0.CR2

5.2.0.CR3

5.2.0.Final

5.2.1.Final

5.2.2.Final

5.2.3.Final

5.2.4.Final

5.2.5.Final

5.2.6.Final

5.2.7.Final

5.2.8.CR1

5.2.8.Final

5.2.9.Final

5.2.10.Final

5.2.11.CR1

5.2.11.Final

5.2.12.Final

5.2.13.Final

5.2.14.Final

5.2.15.Final

5.2.18.Final

5.2.19.Final

5.2.20.Final

5.3.0.Alpha1

5.3.0.Beta1

5.3.0.Beta2

5.3.0.CR1

5.3.0.CR2

5.3.0.Final

6.*

6.0.0.Alpha1

6.0.0.Alpha2

6.0.0.Alpha3

6.0.0.Alpha4

6.0.0.Beta1

6.0.0.Beta2

6.0.0.CR1

6.0.0.Final

6.0.1.Final

6.0.2.Final

7.*

7.0.0.Alpha1

7.0.0.Alpha2

7.0.0.Alpha3

7.0.0.Alpha4

7.0.0.Alpha5

7.0.0.Beta1

7.0.0.Beta2

7.0.0.CR1

7.0.0.CR2

7.0.0.Final

7.0.1.Final

7.0.2.Final

7.0.3.Final

7.1.0.Alpha1

7.1.0.Beta1

7.1.0.CR1

7.1.0.CR2

7.1.0.Final

7.1.1.Final

7.2.0.Alpha1

7.2.0.Beta1

7.2.0.Beta2

7.2.0.CR1

7.2.0.Final

7.2.1.Final

7.2.2.Final

7.2.3.Final

7.2.4.Final

7.2.5.Final

8.*

8.0.0.Alpha1

8.0.0.Alpha2

8.0.0.Beta1

8.0.0.Beta2

8.0.0.Beta3

8.0.0.CR1

8.0.0.Final

8.0.1.Final

8.0.2.Final

8.1.0.Alpha1

8.1.0.Alpha2

8.1.0.Beta1

8.1.0.CR1

8.1.0.Final

8.1.1.Final

8.1.2.Final

8.1.3.Final

8.1.4.Final

8.1.5.Final

8.1.6.Final

8.1.7.Final

8.1.8.Final

8.1.9.Final

8.2.0.Beta1

8.2.0.Beta2

8.2.0.CR1

8.2.0.Final

8.2.1.Final

8.2.2.Final

8.2.3.Final

8.2.4.Final

8.2.5.Final

8.2.6.Final

8.2.7.Final

8.2.8.Final

8.2.10.Final

8.2.11.Final

8.2.12.Final

9.*

9.0.0.Alpha1

9.0.0.Alpha2

9.0.0.Alpha3

9.0.0.Alpha4

9.0.0.Beta1

9.0.0.Beta2

9.0.0.CR1

9.0.0.CR2

9.0.0.CR3

9.0.0.CR4

9.0.0.Final

9.0.1.Final

9.0.2.Final

9.0.3.Final

9.1.0.Alpha1

9.1.0.Beta1

9.1.0.CR1

9.1.0.Final

9.1.1.Final

9.1.2.Final

9.1.3.Final

9.1.4.Final

9.1.5.Final

9.1.6.Final

9.1.7.Final

9.2.0.Alpha1

9.2.0.Alpha2

9.2.0.Beta1

9.2.0.Beta2

9.2.0.CR1

9.2.0.CR2

9.2.0.CR3

9.2.0.Final

9.2.1.Final

9.2.2.Final

9.2.3.Final

9.2.4.Final

9.2.5.Final

9.3.0.Alpha1

9.3.0.Beta1

9.3.0.CR1

9.3.0.Final

9.3.1.Final

9.3.2.Final

9.3.3.Final

9.3.4.Final

9.3.5.Final

9.3.6.Final

9.3.8.Final

9.3.9.Final

9.4.0.Alpha1

9.4.0.Beta1

9.4.0.CR1

9.4.0.CR2

9.4.0.CR3

9.4.0.Final

9.4.1.Final

9.4.2.Final

9.4.3.Final

9.4.4.Final

9.4.5.Final

9.4.6.Final

9.4.7.Final

9.4.8.Final

9.4.9.Final

9.4.10.Final

9.4.11.Final

9.4.12.Final

9.4.13.Final

9.4.14.Final

9.4.15.Final

9.4.16.Final

9.4.17.Final

9.4.18.Final

9.4.19.Final

9.4.20.Final

9.4.21.Final

9.4.22.Final

9.4.23.Final

9.4.24.Final

10.*

10.0.0.Alpha1

10.0.0.Alpha2

10.0.0.Alpha3

10.0.0.Beta1

10.0.0.Beta2

10.0.0.Beta3

10.0.0.Beta4

10.0.0.Beta5

10.0.0.CR1

10.0.0.CR2

10.0.0.CR3

10.0.0.Final

10.0.1.Final

10.1.0.Beta1

10.1.0.CR1

10.1.0.Final

10.1.1.Final

10.1.2.Final

10.1.3.Final

10.1.4.Final

10.1.5.Final

10.1.6.Final

10.1.7.Final

10.1.8.Final

10.1.9.Final

11.*

11.0.0.Alpha

11.0.0.Alpha1

11.0.0.Alpha2

11.0.0.CR1

11.0.0.Final

11.0.0.Dev03

11.0.0.Dev04

11.0.0.Dev05

11.0.1.Final

11.0.2.Final

11.0.3.Final

11.0.4.Final

11.0.5.Final

11.0.6.Final

11.0.7.Final

11.0.8.Final

11.0.9.Final

11.0.10.Final

11.0.11.Final

11.0.13.Final

11.0.14.Final

11.0.15.Final

11.0.16.Final

11.0.17.Final

11.0.18.Final

11.0.19.Final

12.*

12.0.0.CR1

12.0.0.Final

12.0.0.Dev01

12.0.0.Dev02

12.0.0.Dev03

12.0.0.Dev3

12.0.0.Dev04

12.0.0.Dev05

12.0.0.Dev06

12.0.0.Dev07

12.0.1.Final

12.0.2.Final

12.1.0.CR1

12.1.0.CR2

12.1.0.Final

12.1.0.Dev01

12.1.1.Final

12.1.2.Final

12.1.3.Final

12.1.4.Final

12.1.5.Final

12.1.6.Final

12.1.7.Final

12.1.8.Final

12.1.9.Final

12.1.10.Final

12.1.11.Final

12.1.12.Final

12.1.13.Final

12.1.14.Final

12.1.15.Final

12.1.16.Final

13.*

13.0.0.CR1

13.0.0.CR2

13.0.0.Final

13.0.0.Dev01

13.0.0.Dev02

13.0.0.Dev03

13.0.0.Dev04

13.0.1.Final

13.0.2.Final

13.0.3.Final

13.0.4.Final

13.0.5.Final

13.0.6.Final

13.0.7.Final

13.0.8.Final

13.0.9.Final

13.0.10.Final

13.0.11.Final

13.0.12.Final

13.0.13.Final

13.0.14.Final

13.0.15.Final

13.0.16.Final

13.0.17.Final

13.0.18.Final

13.0.19.Final

13.0.20.Final

13.0.21.Final

13.0.22.Final

14.*

14.0.0.CR1

14.0.0.CR2

14.0.0.Final

14.0.0.Dev01

14.0.0.Dev02

14.0.0.Dev03

14.0.0.Dev04

14.0.1.Final

14.0.2.Final

14.0.3.Final

14.0.4.Final

14.0.5.Final

14.0.6.Final

14.0.7.Final

14.0.8.Final

14.0.9.Final

14.0.10.Final

14.0.11.Final

14.0.12.Final

14.0.13.Final

14.0.14.Final

14.0.15.Final

14.0.16.Final

14.0.17.Final

14.0.18.Final

14.0.19.Final

14.0.20.Final

14.0.21.Final

14.0.22.Final

14.0.23.Final

14.0.24.Final

14.0.25.Final

14.0.26.Final

14.0.27.Final

14.0.28.Final

14.0.29.Final

14.0.30.Final

14.0.31.Final

14.0.32.Final

14.0.33.Final

14.0.34.Final

15.*

15.0.0.CR1

15.0.0.Final

15.0.0.Dev01

15.0.0.Dev02

15.0.0.Dev03

15.0.0.Dev04

15.0.0.Dev05

15.0.0.Dev06

15.0.0.Dev07

15.0.0.Dev08

15.0.0.Dev09

15.0.0.Dev10

15.0.1.Final

15.0.2.Final

15.0.3.Final

15.0.4.Final

15.0.5.Final