CVE-2025-14969

Name of the Vulnerable Software and Affected Versions Hibernate Reactive (affected versions not specified)

Description A flaw exists in Hibernate Reactive where a remote client can prematurely close an HTTP connection when an HTTP endpoint is exposed to perform database operations. This can lead to connection leaks from the database connection pool, potentially resulting in a Denial of Service (DoS) by exhausting available database connections. The issue involves the premature closing of the HTTP connection, impacting database connection management.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.