CVE-2025-3864 – Hackney HTTP Connection Pool Exhaustion Vulnerability

CVE ID : CVE-2025-3864

Published : May 28, 2025, 12:15 p.m. | 1 hour, 28 minutes ago

Description : Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library.
Fix for this issue has been included in 1.24.0 release.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…