{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T14:59:17.265","vulnerabilities":[{"cve":{"id":"CVE-2024-56528","sourceIdentifier":"cve@mitre.org","published":"2025-04-03T21:15:39.100","lastModified":"2025-04-15T19:29:19.070","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless it’s set up behind a reverse proxy that establishes payload limits). It involves sending very large payloads to the Collector and can render it unresponsive to the rest of the requests. As a result, data would not enter the pipeline and would be potentially lost."},{"lang":"es","value":"Esta vulnerabilidad afecta a Snowplow Collector 3.x anterior a la 3.3.0 (a menos que esté configurado tras un proxy inverso que limite el payload). Implica el envío de payloads muy grandes al Collector, lo que puede impedir que responda al resto de las solicitudes. Como resultado, los datos no entrarían en la canalización y podrían perderse."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:snowplow:stream_collector:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.3.0","matchCriteriaId":"0EA51EF2-3A9A-433B-843C-C69D7A18F252"}]}]}],"references":[{"url":"https://support.snowplow.io/hc/en-us/articles/26318139354909-Update-Critical-Snowplow-Security-Updates-Impact-on-Open-Source-Software-Users","source":"cve@mitre.org","tags":["Patch","Release Notes"]}]}}]}