CVE-2024-47214
HIGHDescription
An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47212, but involves a different kind of malicious payload. As above, it can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt.
Is your site exposed to CVE-2024-47214?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| snowplow | iglu_server |
References
Frequently Asked Questions
What is CVE-2024-47214? +
How severe is CVE-2024-47214? +
What products are affected by CVE-2024-47214? +
How do I check if I'm vulnerable to CVE-2024-47214? +
Related Vulnerabilities
An issue was discovered in Iglu Server 0.13.0 and below. It involves sending very large payloads to a particular API …
An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to the pipeline. …
An issue was discovered in Snowbridge setups sending data to Google Tag Manager Server Side. It involves attaching an invalid …
This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless it’s set up behind a reverse proxy that establishes payload limits). …
An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated endpoint. …