Known Vulnerabilities for Octorpki by Cloudflare
Listed below are 7 of the newest known vulnerabilities associated with "Octorpki" by "Cloudflare".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3912 | OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, mak... | 6.5 - MEDIUM | 2021-11-11 | 2022-08-09 |
| CVE-2021-3911 | If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash. | 6.5 - MEDIUM | 2021-11-11 | 2022-04-04 |
| CVE-2021-3910 | OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0) character). | 7.5 - HIGH | 2021-11-11 | 2022-04-04 |
| CVE-2021-3909 | OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wa... | 7.5 - HIGH | 2021-11-11 | 2022-04-04 |
| CVE-2021-3908 | OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby ... | 7.5 - HIGH | 2021-11-11 | 2022-08-09 |
| CVE-2021-3907 | OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. rsync://examp... | 9.8 - CRITICAL | 2021-11-11 | 2023-02-01 |
| CVE-2021-3761 | Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessi... | 7.5 - HIGH | 2021-09-09 | 2022-04-04 |