CVE-2025-8696

Summary

If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server. This issue affects Stork versions 1.0.0 through 2.3.0.

Affected Software

VendorProductVersion RangeStatus
ISCStork1.0.0 <= 2.3.0affected

Weaknesses

  • CWE-789: CWE-789 Memory Allocation with Excessive Size Value
  • CWE-779: CWE-779 Logging of Excessive Data

Workarounds

Placing the Stork server behind a firewall or proxy that only allows access from trusted clients, and/or enforces input size limits, is an effective workaround.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References