CVE-2024-47215

High CVSS: 7.5

An issue was discovered in Snowbridge setups sending data to Google Tag Manager Server Side. It involves attaching an invalid GTM SS preview header to events, causing them to be retried indefinitely. As a result, the performance of forwarding events to GTM SS overall can be affected (latency, throughput).

Vendor

Snowplow

Product

Snowbridge

CWE

CWE-703

Yayın Tarihi

2025-04-03 21:15:38

Güncelleme

2025-04-23 14:55:42

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-703 Snowbridge HIGH Snowplow 2025

Referanslar

https://support.snowplow.io/hc/en-us/articles/26318139354909-Update-Critical-Snowplow-Security-Updates-Impact-on-Open-Source-Software-Users

Benzer Kayıtlar

High

CVE-2024-56528

This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless it’s set up behind a reverse proxy that establish…

High

CVE-2024-47212

An issue was discovered in Iglu Server 0.13.0 and below. It involves sending very large payloads to a particular API end…

High

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to th…

High

CVE-2024-47214

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47212, but involves a different kind…

Medium

CVE-2024-47217

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated…