CVE-2024-47214

High CVSS: 7.5

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47212, but involves a different kind of malicious payload. As above, it can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt.

Vendor

Snowplow

Product

Iglu Server

CWE

NVD-CWE-noinfo

Yayın Tarihi

2025-04-03 21:15:38

Güncelleme

2025-04-10 13:51:22

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

NVD-CWE-noinfo Iglu Server HIGH Snowplow 2025

Referanslar

https://support.snowplow.io/hc/en-us/articles/26318139354909-Update-Critical-Snowplow-Security-Updates-Impact-on-Open-Source-Software-Users

Benzer Kayıtlar

High

CVE-2024-56528

This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless it’s set up behind a reverse proxy that establish…

High

CVE-2024-47212

An issue was discovered in Iglu Server 0.13.0 and below. It involves sending very large payloads to a particular API end…

High

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to th…

High

CVE-2024-47215

An issue was discovered in Snowbridge setups sending data to Google Tag Manager Server Side. It involves attaching an in…

Medium

CVE-2024-47217

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated…