CVE-2024-47212

High CVSS: 7.5

An issue was discovered in Iglu Server 0.13.0 and below. It involves sending very large payloads to a particular API endpoint of Iglu Server and can render it completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt.

Vendor

Snowplow

Product

Iglu Server

CWE

CWE-400

Yayın Tarihi

2025-04-03 21:15:38

Güncelleme

2025-04-08 20:06:27

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-400 Iglu Server HIGH Snowplow 2025

Referanslar

https://support.snowplow.io/hc/en-us/articles/26318139354909-Update-Critical-Snowplow-Security-Updates-Impact-on-Open-Source-Software-Users

Benzer Kayıtlar

High

CVE-2024-56528

This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless it’s set up behind a reverse proxy that establish…

High

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to th…

High

CVE-2024-47214

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47212, but involves a different kind…

High

CVE-2024-47215

An issue was discovered in Snowbridge setups sending data to Google Tag Manager Server Side. It involves attaching an in…

Medium

CVE-2024-47217

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated…