Lucene search
Veracode Vulnerability DatabaseVERACODE:32935HistoryNov 12, 2021 - 9:55 a.m.
Denial Of Service (DoS)
2021-11-1209:55:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
30.8%
github.com/cloudflare/cfrpki is vulnerable to denial of service (DoS) attacks. A malicious user is able to send an encoded null (\0) character as an invalid ROA from a repository, causing an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/cloudflare/cfrpki | le | v1.3.0 | |
| github.com/cloudflare/cfrpki | le | v1.3.0 |
Related
debiancve
debiancve
CVE-2021-3910
2021-11-11 22:15:07
github
github
NUL character in ROA causes OctoRPKI to crash
2021-11-10 20:15:06
cve
cve
CVE-2021-3910
2021-11-11 22:15:07
nvd
nvd
CVE-2021-3910
2021-11-11 22:15:07
ubuntucve
ubuntucve
CVE-2021-3910
2021-11-11 00:00:00
cvelist
cvelist
CVE-2021-3910 NUL character in ROA causes OctoRPKI to crash
2021-11-01 00:00:00
prion
prion
Design/Logic Flaw
2021-11-11 22:15:00
osv
osv
NUL character in ROA causes OctoRPKI to crash
2021-11-10 20:15:06
Panic on NUL character in ROA in github.com/cloudflare/cfrpki
2022-07-15 23:07:28
CVE-2021-3910
2021-11-11 22:15:07
nessus
nessus
Debian DSA-5041-1 : cfrpki - security update
2022-01-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5041-1)
2022-01-12 00:00:00
debian
debian
[SECURITY] [DSA 5041-1] cfrpki security update
2022-01-11 21:54:05