CartServiceImpl.java
[Vulnerable Target View]
// VULNERABLE Causes N+1 performance degradation and potential OOM (Out of Memory)
@Scheduled(cron = "0 0 2 * * *")
@Transactional
public void cleanupAbandonedCarts() {
// PROBLEM 1 Fetches ALL carts into memory.
// If 100k carts are abandoned, this crashes the JVM (Heap space).
List<Cart> allCarts = cartRepository.findAll();
for (Cart cart : allCarts) {
if (cart.getUpdatedAt().isBefore(LocalDateTime.now().minusDays(1))) {
// PROBLEM 2 N+1 Deletes.
// Every call to 'delete' sends a separate network packet to the DB,
// locking the table row-by-row and ballooning transaction logs.
cartRepository.delete(cart);
}
}
}