CVE-2024-47212

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-47212

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47212.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-47212

Published

2025-04-03T21:15:38.523Z

Modified

2025-11-20T12:30:16.693689Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in Iglu Server 0.13.0 and below. It involves sending very large payloads to a particular API endpoint of Iglu Server and can render it completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt.

References

https://support.snowplow.io/hc/en-us/articles/26318139354909-Update-Critical-Snowplow-Security-Updates-Impact-on-Open-Source-Software-Users

Affected packages

Git / github.com/snowplow/iglu-server

Affected ranges

Type: GIT
Repo: https://github.com/snowplow/iglu-server
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

bf55b6a92533de636d2e57a52ffc1c68d863c4ae

Affected versions

0.*

0.10.0

0.10.0-rc1

0.10.0-rc2

0.10.1

0.10.1-rc1

0.10.1-rc3

0.11.0

0.12.0

0.12.1

0.13.0

0.2.0

0.3.0

0.4.0

0.5.0

0.6.0

0.6.1

0.6.2

0.7.0

0.8.0

0.8.1

0.8.1-rc1

0.8.2

0.8.2-rc2

0.8.3

0.8.4

0.8.4-rc1

0.8.5

0.8.6

0.8.7

0.9.0

0.9.1