CVE-2025-8696
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server. This issue affects Stork versions 1.0.0 through 2.3.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ISC | Stork | 1.0.0 <= 2.3.0 | affected |
Weaknesses
- CWE-789: CWE-789 Memory Allocation with Excessive Size Value
- CWE-779: CWE-779 Logging of Excessive Data
Workarounds
Placing the Stork server behind a firewall or proxy that only allows access from trusted clients, and/or enforces input size limits, is an effective workaround.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.