Lucene search
GoogleOSV:CVE-2021-3912HistoryNov 11, 2021 - 10:15 p.m.
CVE-2021-3912
2021-11-1122:15:08
Google
osv.dev
6
octorpki
vulnerability
gzip bomb
memory
crash
software
EPSS
0.001
Percentile
44.1%
OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash).
Related
prion
prion
Buffer overflow
2021-11-11 22:15:00
debiancve
debiancve
CVE-2021-3912
2021-11-11 22:15:08
veracode
veracode
Denial Of Service (DoS)
2021-11-11 05:24:47
nvd
nvd
CVE-2021-3912
2021-11-11 22:15:08
osv
osv
OctoRPKI crashes when processing GZIP bomb returned via malicious repository
2021-11-10 20:39:23
Resource exhaustion via GZIP bomb in github.com/cloudflare/cfrpki
2022-07-15 23:07:48
cfrpki - security update
2022-01-11 00:00:00
github
github
OctoRPKI crashes when processing GZIP bomb returned via malicious repository
2021-11-10 20:39:23
cve
cve
CVE-2021-3912
2021-11-11 22:15:08
ubuntucve
ubuntucve
CVE-2021-3912
2021-11-11 00:00:00
cvelist
cvelist
openvas
openvas
Debian: Security Advisory (DSA-5041-1)
2022-01-12 00:00:00
nessus
nessus
Debian DSA-5041-1 : cfrpki - security update
2022-01-12 00:00:00
debian
debian
[SECURITY] [DSA 5041-1] cfrpki security update
2022-01-11 21:54:05