Lucene search
K

186 matches found

NVD
NVD
added 2024/08/24 11:15 p.m.29 views

CVE-2024-45235

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing an Authority Key Identifier extension that lacks the keyIdentifier field. Fort references this pointer without sanitizi...

7.5CVSS0.00305EPSS
Exploits0References2
NVD
NVD
added 2024/08/24 11:15 p.m.28 views

CVE-2024-45236

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a signed object containing an empty signedAttributes field. Fort accesses the set's elements without sanitizing it first. Because Fort is an RPKI Relying...

7.5CVSS0.00481EPSS
Exploits0References2
OSV
OSV
added 2024/08/24 11:15 p.m.1 views

DEBIAN-CVE-2024-45239

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a null eContent field. Fort dereferences the pointer without sanitizing it first. Because Fort is an RPKI Relying Party, ...

7.5CVSS5.3AI score0.00481EPSS
Exploits0References1
NVD
NVD
added 2024/08/24 11:15 p.m.29 views

CVE-2024-45234

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics...

7.5CVSS0.00452EPSS
Exploits0References2
OSV
OSV
added 2024/08/24 11:15 p.m.14 views

CVE-2024-45239

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a null eContent field. Fort dereferences the pointer without sanitizing it first. Because Fort is an RPKI Relying Party, ...

7.5CVSS6.7AI score
Exploits0References2
OSV
OSV
added 2024/08/24 11:15 p.m.18 views

CVE-2024-45234

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics...

7.5CVSS6.8AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/08/24 11:15 p.m.14 views

CVE-2024-45236

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a signed object containing an empty signedAttributes field. Fort accesses the set's elements without sanitizing it first. Because Fort is an RPKI Relying...

7.5CVSS5.9AI score0.00481EPSS
Exploits0References3
OSV
OSV
added 2024/08/24 11:15 p.m.4 views

UBUNTU-CVE-2024-45235

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing an Authority Key Identifier extension that lacks the keyIdentifier field. Fort references this pointer without sanitizi...

7.5CVSS5.8AI score0.00305EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/08/24 11:15 p.m.19 views

CVE-2024-45235

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing an Authority Key Identifier extension that lacks the keyIdentifier field. Fort references this pointer without sanitizi...

7.5CVSS5.9AI score0.00305EPSS
Exploits0References3
OSV
OSV
added 2024/08/24 11:15 p.m.5 views

UBUNTU-CVE-2024-45238

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. OpenSSL does not report this problem during parsin...

7.5CVSS5.8AI score0.00305EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/08/24 11:15 p.m.10 views

CVE-2024-45237

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort writes this string into a 2-byte buffer without...

9.8CVSS6.2AI score0.00356EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/08/24 11:15 p.m.14 views

CVE-2024-45239

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a null eContent field. Fort dereferences the pointer without sanitizing it first. Because Fort is an RPKI Relying Party, ...

7.5CVSS5.9AI score0.00481EPSS
Exploits0References3
OSV
OSV
added 2024/08/24 11:15 p.m.1 views

UBUNTU-CVE-2024-45234

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics...

7.5CVSS5.9AI score0.00452EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/08/24 11:15 p.m.22 views

CVE-2024-45234

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics...

7.5CVSS5.9AI score0.00452EPSS
Exploits0References3
OSV
OSV
added 2024/08/24 11:15 p.m.4 views

UBUNTU-CVE-2024-45239

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a null eContent field. Fort dereferences the pointer without sanitizing it first. Because Fort is an RPKI Relying Party, ...

7.5CVSS5.8AI score0.00481EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/08/24 11:15 p.m.11 views

CVE-2024-45238

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. OpenSSL does not report this problem during parsin...

7.5CVSS5.9AI score0.00305EPSS
Exploits0References3
OSV
OSV
added 2024/08/24 11:15 p.m.5 views

UBUNTU-CVE-2024-45236

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a signed object containing an empty signedAttributes field. Fort accesses the set's elements without sanitizing it first. Because Fort is an RPKI Relying...

7.5CVSS5.8AI score0.00481EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/08/24 12:0 a.m.14 views

CVE-2024-45234

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics...

6.9AI score0.00452EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/24 12:0 a.m.10 views

CVE-2024-45236

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a signed object containing an empty signedAttributes field. Fort accesses the set's elements without sanitizing it first. Because Fort is an RPKI Relying...

6.8AI score0.00481EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/24 12:0 a.m.3 views

FORT Validator 安全漏洞

FORT Validator is a NICMx open source RPKI dependency and RTR server. A security vulnerability exists in FORT Validator versions prior to 1.6.3 that stems from dereferencing pointers...

7.5CVSS6.3AI score0.00305EPSS
Exploits0References3
Rows per page
Query Builder