4 matches found
CVE-2022-3616
Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer...
Linux Distros Unpatched Vulnerability : CVE-2022-3616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash,...
CVE-2022-3616
Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer...
CVE-2022-3616
Affected software/area: OctoRPKI (github.com/cloudflare/cfrpki) in the octorpki command. Root cause / vulnerability detail: Attackers can construct long chains of Certificate Authorities (CAs) that exhaust the max iterations limit, causing OctoRPKI to crash and fail validation, resulting in a den...