OOM via malicious user input vulnerable code snippet References Catalog API endpoint can lead to OOM via malicious user input