Vulnerability Report: GO-2022-0251
- CVE-2021-3910, GHSA-5mxh-2qfv-4g7j
- Affects: github.com/cloudflare/cfrpki
- Published: Jul 15, 2022
- Modified: May 20, 2024
OctoRPKI crashes when a repository returns an invalid ROA that is only an encoded NUL character (\0).
Affected Packages
-
PathGo VersionsSymbols
-
before v1.4.0
Aliases
References
- https://github.com/cloudflare/cfrpki/commit/76f0f7a98da001fa04e5bc0407c6702f91096bfa
- https://vuln.go.dev/ID/GO-2022-0251.json
Credits
- Koen van Hove
Feedback
See anything missing or incorrect?
Suggest an edit to this report.