6 matches found
CVE-2021-28667
StackStorm before 3.4.1 is affected by an infinite-loop vulnerability that can consume all available memory and disk space when logging Unicode data if Python 3.x is used and the locale is not UTF-8. Root cause is an unbounded loop triggered during logging of Unicode data from actions or rules. I...
CVE-2022-43706
CVE-2022-43706 affects StackStorm Web UI prior to 3.8.0. The vulnerability is a cross-site scripting (XSS) flaw where a logged-in user with write access to pack rules can inject script/HTML that may execute in the Web UI for other users. The issue stems from insufficient input sanitization in the...
CVE-2022-44009
StackStorm 3.7.0 is affected by an improper access control flaw in Key-Value RBAC, where permissions checks are not applied in Jinja filters. This could allow an attacker to access another user’s K/V pairs and potentially expose sensitive information. The provided documents consistently describe ...
CVE-2019-9580
CVE-2019-9580 affects StackStorm’s Web UI (st2web) prior to versions 2.9.3 and 2.10.x prior to 2.10.3. The root cause is improper handling of CORS headers, where an unknown/null origin could be accepted, potentially enabling XSS and related cross-domain actions via a crafted link. Exploitation de...
CVE-2018-20345
CVE-2018-20345 describes an incorrect access-control flaw in the StackStorm API (st2api). In versions before 2.9.2, and in 2.10.x before 2.10.1, an authenticated StackStorm user could query datastore items for other users via /v1/keys with parameters ?scope=all and ?user=. Enterprise editions wit...
CVE-2021-44657
CVE-2021-44657 affects StackStorm versions before 3.6.0, where the Jinja interpreter was not run in sandbox mode, enabling unsafe system command execution. The issue stems from Jinja not enabling sandboxed mode by default for backwards compatibility; StackStorm now forces sandboxed Jinja by defau...