PT-2025-14800 · Unknown · Iglu Server

Published: 2025-04-03 · Updated: 2025-04-04 · CVE-2024-47212

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Iglu Server versions 0.13.0 and below

Description

The issue involves sending very large payloads to a particular API endpoint of Iglu Server, which can render it completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt.

Recommendations

For Iglu Server versions 0.13.0 and below, consider restricting access to the vulnerable API endpoint until a patch is available. As a temporary workaround, limit the size of payloads that can be sent to the Iglu Server API endpoint to prevent it from becoming unresponsive.

Fix

DoS

Resource Exhaustion

Weakness Enumeration

Related Identifiers

CVE-2024-47212

Affected Products

Iglu Server