High severityNVD Advisory· Published Mar 18, 2021· Updated Aug 3, 2024
CVE-2021-28667
CVE-2021-28667
Description
StackStorm before 3.4.1, in some situations, has an infinite loop that consumes all available memory and disk space. This can occur if Python 3.x is used, the locale is not utf-8, and there is an attempt to log Unicode data (from an action or rule name).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
st2clientPyPI | < 3.4.1 | 3.4.1 |
Affected products
2- StackStorm/StackStormdescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-39mj-fpg2-3jrgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-28667ghsaADVISORY
- stackstorm.com/2021/03/10/stackstorm-v3-4-1-security-fixghsaWEB
- stackstorm.com/2021/03/10/stackstorm-v3-4-1-security-fix/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.