A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial of service.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Data_grid | Redhat | * | 8.4.4 (excluding) |