Lucene search
K

5 matches found

OSV
OSV
added 2023/01/17 5:15 p.m.19 views

CVE-2023-0158

NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to...

7.5CVSS6.9AI score0.00702EPSS
Exploits0References1
Prion
Prion
added 2023/01/17 5:15 p.m.13 views

Code injection

NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to...

5CVSS7.6AI score0.00702EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/17 12:0 a.m.9 views

CVE-2023-0158 Triggered crash on direct RRDP access

NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to...

7.8AI score0.00702EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.6 views

PT-2023-16047 · Nlnet · Nlnet Labs Krill

Name of the Vulnerable Software and Affected Versions: NLnet Labs Krill versions prior to 0.12.1 Description: The issue arises when a direct query is made for any existing directory under the "/rrdp/" endpoint, rather than an RRDP file, causing the server to crash. If the built-in "/rrdp" endpoin...

7.5CVSS7.5AI score0.00702EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/01/17 12:0 a.m.22 views

CVE-2023-0158 Triggered crash on direct RRDP access

NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to...

7.8AI score0.00702EPSS
Exploits0References1
Rows per page
Query Builder