Primary

Context

PingFederate Google Adapter Thread Exhaustion Vulnerability

Vulnerability

Patched

A vulnerability in the PingFederate Google Adapter has been identified, stemming from improper management of non-200 HTTP responses. This issue can lead to thread exhaustion under normal usage conditions, potentially causing a denial-of-service scenario.

Impact

Exploitation of this vulnerability can result in thread exhaustion, disrupting normal service operations and potentially causing a denial-of-service condition.

Remediation

Users are advised to upgrade to the latest version of the PingFederate Google Login Integration Kit to address this vulnerability. The updated version can be downloaded from the Ping Identity Downloads page.

Added: Jun 15, 2025, 3:18 PM

Updated: Jun 15, 2025, 3:18 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

5.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

10.0

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

5.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

10.0

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PingFederate Google Adapter Thread Exhaustion Vulnerability

Vulnerability

Impact

Remediation

Affected Products

PingFederate

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating