CVE-2021-28667

Name of the Vulnerable Software and Affected Versions: StackStorm versions prior to 3.4.1

Description: The issue occurs when Python 3.x is used, the locale is not utf-8, and there is an attempt to log Unicode data from an action or rule name, resulting in an infinite loop that consumes all available memory and disk space.

Recommendations: For versions prior to 3.4.1, update to version 3.4.1 or later to resolve the issue. As a temporary workaround, consider setting the locale to utf-8 to prevent the infinite loop. Additionally, restrict logging of Unicode data from action or rule names until the update is applied.