Security Advisory

CVE-2025-3864

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-28 11:19:15

Last updated 2026-01-26 12:13:02

Assigner CERT-PL

State PUBLISHED

Description

Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release.

← Browse all CVEs View on cve.org ↗