Description
octo-sts is a GitHub App that acts like a Security Token Service (STS) for the GitHub API. This vulnerability can spike the resource utilization of the STS service and, combined with a significant traffic volume, could potentially lead to a denial of service. This vulnerability is fixed in 0.1.0.
References
EPSS
Percentile: 18%
0.00056
Low
3.7 Low
CVSS3
Weaknesses
CWE-400
Related vulnerabilities
CVSS3: 3.7
github
more than 1 year ago
octo-sts vulnerable to unauthenticated attacker causing unbounded CPU and memory usage