Hackney · Hackney · CVE-2025-3864
**Name of the Vulnerable Software and Affected Versions**
Hackney versions prior to 1.24.0
**Description**
The issue arises from Hackney's failure to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. This allows remote attackers to exhaust connection pools, resulting in denial of service in applications that use the library.
**Recommendations**
For versions prior to 1.24.0, update to version 1.24.0 to resolve the issue.