Vulnerability Report: GO-2022-0246
- CVE-2021-3761, GHSA-c8xp-8mf3-62h9
- Affects: github.com/cloudflare/cfrpki
- Published: Jul 15, 2022
- Modified: May 20, 2024
The ROAEntry.Validate function fails to perform bounds checks on the MaxLength field, allowing invalid values to pass validation.
Affected Packages
-
PathGo VersionsSymbols
-
before v1.3.0
Aliases
References
- https://github.com/cloudflare/cfrpki/pull/90
- https://github.com/cloudflare/cfrpki/commit/a8db4e009ef217484598ba1fd1c595b54e0f6422
- https://vuln.go.dev/ID/GO-2022-0246.json
Credits
- Job Snijders
Feedback
See anything missing or incorrect?
Suggest an edit to this report.