VYPR
Vendor

CometD

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2022-24721HigMar 15, 2022
    risk 0.46cvss 8.1epss 0.01

    CometD is a scalable comet implementation for web messaging. In any version prior to 5.0.11, 6.0.6, and 7.0.6, internal usage of Oort and Seti channels is improperly authorized, so any remote user could subscribe and publish to those channels. By subscribing to those channels, a…

  • CVE-2025-53114higJun 10, 2026
    risk 0.38cvss epss 0.00

    ### Impact Bad clients that always send a fixed batch value while the server is using the acknowledgement extension can cause the unacknowledged message queue to grow indefinitely, eventually resulting in an OutOfMemoryError. Such bad clients would always send: ```json { …