20 matches found
EUVD-2023-2446
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-39914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This...
GHSA-6JMW-6MXW-W4JC BER/CER/DER decoder panics on invalid input
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
BER/CER/DER decoder panics on invalid input
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
CVE-2023-39915
NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914...
CVE-2023-39914
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
CVE-2023-39914
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
Input validation
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
UBUNTU-CVE-2023-39914
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
Input validation
NLnet Labs’ Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914...
CVE-2023-39914
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
CVE-2023-39915 Crashes on parsing certain invalid RPKI objects
NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914...
CVE-2023-39915 Crashes on parsing certain invalid RPKI objects
NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914...
CVE-2023-39915
The CVE-2023-39915 entry concerns NLnet Labs’ Routinator up to version 0.12.1, which may crash when parsing certain malformed RPKI objects. Root cause is insufficient input checking in the bcder library (the same underlying issue as CVE-2023-39914). Impact, per the citations, is availability inte...
CVE-2023-39914 BER/CER/DER decoder panics on invalid input
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
CVE-2023-39914
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
CVE-2023-39914 BER/CER/DER decoder panics on invalid input
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
CVE-2023-39914
The CVE-2023-39914 vulnerability affects NLnet Labs’ bcder library up to version 0.7.2. The root cause is a panic during decoding of certain invalid input data, instead of rejecting it with an error. This can impact both the decoding stage and access to content of types that use delayed decoding....
PT-2023-27150 · Unknown +1 · Routinator +1
Name of the Vulnerable Software and Affected Versions: Routinator versions up to and including 0.12.1 Description: The issue is caused by insufficient input checking in the bcder library, which may lead to a crash when trying to parse certain malformed RPKI objects. Recommendations: For versions ...
PT-2023-27149 · Nlnet +1 · Bcder +1
Name of the Vulnerable Software and Affected Versions: NLnet Labs' bcder library versions 0.7.2 and earlier Description: The bcder library panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as...