Impact
An issue in the /util/http/prelude.rs endpoint of Datadog Vector v0.54.0 allows attackers to cause a denial of service by sending a crafted request or payload, which can exhaust server resources or trigger a crash, rendering the service unavailable.
Affected Systems
Datadog Vector version 0.54.0 is affected. The vulnerability originates from the HTTP endpoint /util/http/prelude.rs, and no other product versions are explicitly listed as vulnerable.
Risk and Exploitability
The CVSS score of 6.5 indicates a medium severity vulnerability. With an EPSS score of less than 1%, the likelihood of exploitation is very low, and it is not listed in the CISA KEV catalog. The attack vector is inferred to be network‑based, requiring the attacker to send a malicious HTTP request to the exposed endpoint. If successful, the attacker can disrupt availability for the affected system.
OpenCVE Enrichment