Monetr
Monthly
Uncontrolled memory consumption in monetr 1.12.3 and earlier allows remote unauthenticated attackers to trigger denial of service by sending oversized payloads to the public Stripe webhook endpoint. The vulnerability affects deployments with Stripe webhooks enabled and lacks upstream body-size enforcement. Version 1.12.4 provides a fix. EPSS and KEV data not available; no public exploit confirmed at time of analysis, though the attack method is straightforward (8.2 CVSS reflecting high availability impact with low complexity).
Uncontrolled memory consumption in monetr 1.12.3 and earlier allows remote unauthenticated attackers to trigger denial of service by sending oversized payloads to the public Stripe webhook endpoint. The vulnerability affects deployments with Stripe webhooks enabled and lacks upstream body-size enforcement. Version 1.12.4 provides a fix. EPSS and KEV data not available; no public exploit confirmed at time of analysis, though the attack method is straightforward (8.2 CVSS reflecting high availability impact with low complexity).