Low severity · 3.7 · OSV Advisory · Published May 14, 2024 · Updated Apr 15, 2026
CVE-2024-34079
Description
octo-sts is a GitHub App that acts like a Security Token Service (STS) for the GitHub API. This vulnerability can spike the resource utilization of the STS service and, combined with a significant traffic volume, could potentially lead to a denial of service. This vulnerability is fixed in 0.1.0.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/octo-sts/app (Go) | < 0.1.0 | 0.1.0 |
Affected products (6)
- osv-coords, 5 versions, range: < 0 (+ 4 more)
  - pkg:apk/chainguard/octo-sts
  - pkg:apk/chainguard/octo-sts-webhook
  - pkg:apk/wolfi/octo-sts
  - pkg:apk/wolfi/octo-sts-webhook
  - pkg:golang/github.com/octo-sts/app
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 0.1.0