CVE-2021-3911Improper Input Validation in Octorpki

CWE-20Improper Input ValidationCWE-252Unchecked Return Value7 documents5 sources
Severity
6.5MEDIUMNVD
CNA4.2
EPSS
0.6%
top 31.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Cloudflare OctorpkiGithub.com Cloudflare CfrpkiDebian Linux
Timeline
PublishedNov 11
Latest updateJul 15

Description

If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

CVEListV5cloudflare/octorpkiunspecified1.4.0
NVDcloudflare/octorpki< 1.3.0

Also affects: Debian Linux 11.0

🔴Vulnerability Details

5
OSV
Panic on misconfigured IP address in github.com/cloudflare/cfrpki2022-07-15
CVEList
Misconfigured IP address field in ROA leads to OctoRPKI crash2021-11-11
OSV
CVE-2021-3911: If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash2021-11-11
OSV
Misconfigured IP address field in ROA leads to OctoRPKI crash2021-11-10
GHSA
Misconfigured IP address field in ROA leads to OctoRPKI crash2021-11-10

📋Vendor Advisories

1
Debian
CVE-2021-3911: cfrpki - If the ROA that a repository returns contains too many bits for the IP address t...2021
CVE-2021-3911 — Improper Input Validation in Octorpki | cvebase