CVE-2021-28667

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-28667

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-28667.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-28667

Published

2021-03-18T03:15:12.047Z

Modified

2026-03-02T08:06:20.463757Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

StackStorm before 3.4.1, in some situations, has an infinite loop that consumes all available memory and disk space. This can occur if Python 3.x is used, the locale is not utf-8, and there is an attempt to log Unicode data (from an action or rule name).

References

Affected packages

Git / github.com/stackstorm/st2

Affected ranges

Type: GIT
Repo: https://github.com/stackstorm/st2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7a8b13f58b88dba95b1e9bb21432af22b1b6f48a

Affected versions

v0.*

v0.12.3

v0.8.0

v0.8.1

v0.8.2

v2.*

v2.9.3

v3.*

v3.4.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-28667.json"