In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Allocation of Resources Without Limits or Throttling vulnerabilities in an interactive lesson.
Start learningUpgrade fluent-plugin-s3 to version 1.8.5 or higher.
Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the in_s3 process. An attacker can cause excessive memory consumption by uploading a highly compressed file that decompresses to a large size, leading to resource exhaustion and potential disruption of service.
This vulnerability can be mitigated by applying strict IAM access controls to limit write (PUT) access to the monitored S3 bucket to only trusted services and administrators, preventing untrusted uploads.