Snowbridge Google Tag Manager Server-Side Integration Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Snowbridge setups that send data to Google Tag Manager (GTM) Server Side. The issue arises from attaching an invalid GTM SS preview header to events, which causes these events to be retried indefinitely. This behavior can negatively impact the overall performance of event forwarding to GTM SS, leading to increased latency and decreased throughput.

Impact

Exploitation of this vulnerability can cause events to be retried indefinitely, disrupting the normal flow of data to Google Tag Manager Server Side. This can result in increased latency and decreased throughput, affecting the performance of event tracking and management.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Snowbridge Google Tag Manager Server-Side Integration Denial-of-Service Vulnerability

Vulnerability

Impact

Affected Products

Snowbridge

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating