Search criteria
27 vulnerabilities found for octorpki by cloudflare
FKIE_CVE-2021-3978
Vulnerability from fkie_nvd - Published: 2025-01-29 10:15 - Updated: 2025-07-29 23:40
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service ) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudflare | octorpki | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76835CC2-1E72-4632-9904-26EE9A5B2BDF",
"versionEndExcluding": "1.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When copying files with rsync, octorpki uses the \"-a\" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service ) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation."
},
{
"lang": "es",
"value": "Al copiar archivos con rsync, octorpki utiliza el indicador \"-a\" 0, que obliga a rsync a copiar binarios con el bit suid establecido como root. Dado que la definici\u00f3n de servicio proporcionada tiene como valor predeterminado root (https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service), esto podr\u00eda permitir un vector, cuando se combina con otra vulnerabilidad que hace que octorpki procese un archivo TAL malicioso, para una escalada de privilegios local."
}
],
"id": "CVE-2021-3978",
"lastModified": "2025-07-29T23:40:21.880",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-29T10:15:07.750",
"references": [
{
"source": "cna@cloudflare.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3pqh-p72c-fj85"
}
],
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-3616
Vulnerability from fkie_nvd - Published: 2022-10-28 07:15 - Updated: 2024-11-21 07:19
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudflare | octorpki | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE6CA13-6865-4A62-B962-38C1C7D8E166",
"versionEndExcluding": "1.4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to\u00a0Donika Mirdita and\u00a0Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.\n\n"
},
{
"lang": "es",
"value": "Los atacantes pueden crear largas cadenas de CA que llevar\u00edan a OctoRPKI a exceder su par\u00e1metro m\u00e1ximo de iterations. En consecuencia provocar\u00eda que el programa colapsara, impidiendo que finalice la validaci\u00f3n y provocando una Denegaci\u00f3n de Servicio. Cr\u00e9ditos a Donika Mirdita y Haya Shulman - Fraunhofer SIT, ATHENE, quienes descubrieron e informaron esta vulnerabilidad."
}
],
"id": "CVE-2022-3616",
"lastModified": "2024-11-21T07:19:53.173",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 4.2,
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-28T07:15:16.557",
"references": [
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-pmw9-567p-68pc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-pmw9-567p-68pc"
}
],
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
},
{
"lang": "en",
"value": "CWE-834"
}
],
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-834"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3912
Vulnerability from fkie_nvd - Published: 2021-11-11 22:15 - Updated: 2024-11-21 06:22
Severity ?
4.2 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash).
References
| URL | Tags | ||
|---|---|---|---|
| cna@cloudflare.com | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg | Third Party Advisory | |
| cna@cloudflare.com | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudflare | octorpki | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A39C112F-E066-40D1-9CAC-9D9F89B467EE",
"versionEndExcluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash)."
},
{
"lang": "es",
"value": "OctoRPKI intenta cargar todo el contenido de un repositorio en memoria, y en el caso de una bomba GZIP, descomprimirlo en memoria, haciendo posible crear un repositorio que hace que OctoRPKI se quede sin memoria (y por tanto se bloquee)"
}
],
"id": "CVE-2021-3912",
"lastModified": "2024-11-21T06:22:45.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-11T22:15:08.077",
"references": [
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3911
Vulnerability from fkie_nvd - Published: 2021-11-11 22:15 - Updated: 2024-11-21 06:22
Severity ?
4.2 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash.
References
| URL | Tags | ||
|---|---|---|---|
| cna@cloudflare.com | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22 | Third Party Advisory | |
| cna@cloudflare.com | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudflare | octorpki | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A39C112F-E066-40D1-9CAC-9D9F89B467EE",
"versionEndExcluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash."
},
{
"lang": "es",
"value": "Si el ROA que devuelve un repositorio contiene demasiados bits para la direcci\u00f3n IP, OctoRPKI ser\u00e1 bloqueado"
}
],
"id": "CVE-2021-3911",
"lastModified": "2024-11-21T06:22:45.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-11T22:15:08.023",
"references": [
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3910
Vulnerability from fkie_nvd - Published: 2021-11-11 22:15 - Updated: 2024-11-21 06:22
Severity ?
4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0) character).
References
| URL | Tags | ||
|---|---|---|---|
| cna@cloudflare.com | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j | Third Party Advisory | |
| cna@cloudflare.com | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudflare | octorpki | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A39C112F-E066-40D1-9CAC-9D9F89B467EE",
"versionEndExcluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\\0) character)."
},
{
"lang": "es",
"value": "OctoRPKI es bloqueado cuando encuentra un repositorio que devuelve un ROA inv\u00e1lido (s\u00f3lo un car\u00e1cter NUL (\\0) codificado)"
}
],
"id": "CVE-2021-3910",
"lastModified": "2024-11-21T06:22:45.443",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 3.6,
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-11T22:15:07.973",
"references": [
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3908
Vulnerability from fkie_nvd - Published: 2021-11-11 22:15 - Updated: 2024-11-21 06:22
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end.
References
| URL | Tags | ||
|---|---|---|---|
| cna@cloudflare.com | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq | Third Party Advisory | |
| cna@cloudflare.com | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudflare | octorpki | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A39C112F-E066-40D1-9CAC-9D9F89B467EE",
"versionEndExcluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end."
},
{
"lang": "es",
"value": "OctoRPKI no limita la profundidad de una cadena de certificados, permitiendo que una CA cree hijos de forma ad-hoc, haciendo que el recorrido del \u00e1rbol nunca termine"
}
],
"id": "CVE-2021-3908",
"lastModified": "2024-11-21T06:22:45.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-11T22:15:07.877",
"references": [
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3907
Vulnerability from fkie_nvd - Published: 2021-11-11 22:15 - Updated: 2024-11-21 06:22
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on.
References
| URL | Tags | ||
|---|---|---|---|
| cna@cloudflare.com | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959 | Third Party Advisory | |
| cna@cloudflare.com | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh | Third Party Advisory | |
| cna@cloudflare.com | https://www.debian.org/security/2021/dsa-5033 | Third Party Advisory | |
| cna@cloudflare.com | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-5033 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudflare | octorpki | * | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A39C112F-E066-40D1-9CAC-9D9F89B467EE",
"versionEndExcluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI does not escape a URI with a filename containing \"..\", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on."
},
{
"lang": "es",
"value": "OctoRPKI no escapa a un URI con un nombre de archivo que contenga \"..\", esto permite que un repositorio cree un archivo, (ej. rsync://ejemplo.org/repo/../../etc/cron.daily/evil.roa), que luego ser\u00eda escrito en el disco fuera de la carpeta de cach\u00e9 base. Esto podr\u00eda permitir una ejecuci\u00f3n de c\u00f3digo remota en la m\u00e1quina anfitriona en la que se ejecuta OctoRPKI"
}
],
"id": "CVE-2021-3907",
"lastModified": "2024-11-21T06:22:45.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-11T22:15:07.820",
"references": [
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3909
Vulnerability from fkie_nvd - Published: 2021-11-11 22:15 - Updated: 2024-11-21 06:22
Severity ?
4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the connection alive.
References
| URL | Tags | ||
|---|---|---|---|
| cna@cloudflare.com | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244 | Third Party Advisory | |
| cna@cloudflare.com | https://www.debian.org/security/2021/dsa-5033 | Third Party Advisory | |
| cna@cloudflare.com | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-5033 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudflare | octorpki | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A39C112F-E066-40D1-9CAC-9D9F89B467EE",
"versionEndExcluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the connection alive."
},
{
"lang": "es",
"value": "OctoRPKI no limita la duraci\u00f3n de una conexi\u00f3n, permitiendo que se produzca un ataque slowloris DOS que hace que OctoRPKI espere eternamente. En concreto, el repositorio al que OctoRPKI env\u00eda peticiones HTTP mantendr\u00e1 la conexi\u00f3n abierta durante un d\u00eda antes de que se devuelva una respuesta, pero sigue alimentando con nuevos bytes para mantener viva la conexi\u00f3n"
}
],
"id": "CVE-2021-3909",
"lastModified": "2024-11-21T06:22:45.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 3.6,
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-11T22:15:07.923",
"references": [
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3761
Vulnerability from fkie_nvd - Published: 2021-09-09 14:15 - Updated: 2024-11-21 06:22
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as "RPKI invalid". Additionally, in certain deployments RTR session flapping in and of itself also could cause BGP routing churn, causing availability issues.
References
| URL | Tags | ||
|---|---|---|---|
| cna@cloudflare.com | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9 | Patch, Third Party Advisory | |
| cna@cloudflare.com | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5041 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cloudflare | octorpki | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A39C112F-E066-40D1-9CAC-9D9F89B467EE",
"versionEndExcluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP \"MaxLength\" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as \"RPKI invalid\". Additionally, in certain deployments RTR session flapping in and of itself also could cause BGP routing churn, causing availability issues."
},
{
"lang": "es",
"value": "Cualquier emisor de CA en la RPKI puede enga\u00f1ar a OctoRPKI anterior a versi\u00f3n 1.3.0 para que emita un valor \"MaxLength\" de VRP no v\u00e1lido, causando la terminaci\u00f3n de las sesiones RTR. Un atacante puede usar esto para deshabilitar la Comprobaci\u00f3n de Origen RPKI en una red v\u00edctima (por ejemplo AS 13335 - Cloudflare) antes de lanzar un hijack BGP que durante las operaciones normales ser\u00eda rechazado como \"RPKI invalid\". Adem\u00e1s, en determinados despliegues, la ruptura de la sesi\u00f3n de RTR tambi\u00e9n podr\u00eda causar por s\u00ed misma la ruptura del enrutamiento BGP, causando problemas de disponibilidad"
}
],
"id": "CVE-2021-3761",
"lastModified": "2024-11-21T06:22:21.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "cna@cloudflare.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-09T14:15:09.397",
"references": [
{
"source": "cna@cloudflare.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9"
},
{
"source": "cna@cloudflare.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"sourceIdentifier": "cna@cloudflare.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-3978 (GCVE-0-2021-3978)
Vulnerability from cvelistv5 – Published: 2025-01-29 10:00 – Updated: 2025-02-12 16:03
VLAI?
Title
Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki
Summary
When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service ) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation.
Severity ?
7.5 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
0 , < v1.4.2
(semver)
|
Credits
Ties de Kock
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-3978",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T14:19:06.799392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T16:03:40.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/cloudflare/cfrpki/cmd/octorpki",
"defaultStatus": "unaffected",
"packageName": "octorpki",
"platforms": [
"Go"
],
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "v1.4.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ties de Kock"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When copying files with rsync, octorpki uses the \"-a\" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service\"\u003ehttps://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service\u003c/a\u003e) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation."
}
],
"value": "When copying files with rsync, octorpki uses the \"-a\" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service ) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T10:00:53.237Z",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3pqh-p72c-fj85"
}
],
"source": {
"advisory": "GHSA-3pqh-p72c-fj85",
"discovery": "EXTERNAL"
},
"title": "Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3978",
"datePublished": "2025-01-29T10:00:53.237Z",
"dateReserved": "2021-11-18T20:10:42.977Z",
"dateUpdated": "2025-02-12T16:03:40.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3616 (GCVE-0-2022-3616)
Vulnerability from cvelistv5 – Published: 2022-10-28 06:24 – Updated: 2025-05-05 19:19
VLAI?
Title
OctoRPKI crash when maximum iterations number is reached
Summary
Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.
Severity ?
5.4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | OctoRPKI |
Affected:
0 , < <1.4.4
(semver)
|
Credits
Donika Mirdita - Fraunhofer SIT, ATHENE
Haya Shulman - Fraunhofer SIT, ATHENE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:14:03.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-pmw9-567p-68pc"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3616",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-05T19:18:52.761100Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T19:19:50.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Go"
],
"product": "OctoRPKI",
"repo": "https://github.com/cloudflare/cfrpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "\u003c1.4.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Donika Mirdita - Fraunhofer SIT, ATHENE "
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Haya Shulman - Fraunhofer SIT, ATHENE"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAttackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to\u0026nbsp;Donika Mirdita and\u0026nbsp;Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to\u00a0Donika Mirdita and\u00a0Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-834",
"description": "CWE-834 Excessive Iteration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T08:43:36.139Z",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-pmw9-567p-68pc"
}
],
"source": {
"advisory": "GHSA-pmw9-567p-68pc",
"discovery": "EXTERNAL"
},
"title": "OctoRPKI crash when maximum iterations number is reached",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2022-3616",
"datePublished": "2022-10-28T06:24:44.189Z",
"dateReserved": "2022-10-20T11:13:34.797Z",
"dateUpdated": "2025-05-05T19:19:50.911Z",
"requesterUserId": "25b7b156-39bf-4f6b-8c25-8bc69c5c5e82",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3912 (GCVE-0-2021-3912)
Vulnerability from cvelistv5 – Published: 2021-11-11 21:45 – Updated: 2024-09-16 23:41
VLAI?
Title
OctoRPKI crashes when processing GZIP bomb returned via malicious repository
Summary
OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash).
Severity ?
4.2 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:14",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "OctoRPKI crashes when processing GZIP bomb returned via malicious repository",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:54:00.000Z",
"ID": "CVE-2021-3912",
"STATE": "PUBLIC",
"TITLE": "OctoRPKI crashes when processing GZIP bomb returned via malicious repository"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3912",
"datePublished": "2021-11-11T21:45:24.415500Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-16T23:41:30.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3911 (GCVE-0-2021-3911)
Vulnerability from cvelistv5 – Published: 2021-11-11 21:45 – Updated: 2024-09-16 22:31
VLAI?
Title
Misconfigured IP address field in ROA leads to OctoRPKI crash
Summary
If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash.
Severity ?
4.2 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:22",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Misconfigured IP address field in ROA leads to OctoRPKI crash",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:52:00.000Z",
"ID": "CVE-2021-3911",
"STATE": "PUBLIC",
"TITLE": "Misconfigured IP address field in ROA leads to OctoRPKI crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3911",
"datePublished": "2021-11-11T21:45:22.690851Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-16T22:31:10.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3910 (GCVE-0-2021-3910)
Vulnerability from cvelistv5 – Published: 2021-11-11 21:45 – Updated: 2024-09-17 03:27
VLAI?
Title
NUL character in ROA causes OctoRPKI to crash
Summary
OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0) character).
Severity ?
4.4 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\\0) character)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:28",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "NUL character in ROA causes OctoRPKI to crash",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:48:00.000Z",
"ID": "CVE-2021-3910",
"STATE": "PUBLIC",
"TITLE": "NUL character in ROA causes OctoRPKI to crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\\0) character)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3910",
"datePublished": "2021-11-11T21:45:21.177058Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-17T03:27:37.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3909 (GCVE-0-2021-3909)
Vulnerability from cvelistv5 – Published: 2021-11-11 21:45 – Updated: 2024-09-16 23:06
VLAI?
Title
Infinite open connection causes OctoRPKI to hang forever
Summary
OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the connection alive.
Severity ?
4.4 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244"
},
{
"name": "DSA-5033",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the connection alive."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:24",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244"
},
{
"name": "DSA-5033",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Infinite open connection causes OctoRPKI to hang forever",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:41:00.000Z",
"ID": "CVE-2021-3909",
"STATE": "PUBLIC",
"TITLE": "Infinite open connection causes OctoRPKI to hang forever"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the connection alive."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244"
},
{
"name": "DSA-5033",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3909",
"datePublished": "2021-11-11T21:45:19.611444Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-16T23:06:15.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3908 (GCVE-0-2021-3908)
Vulnerability from cvelistv5 – Published: 2021-11-11 21:45 – Updated: 2024-09-16 23:21
VLAI?
Title
Infinite certificate chain depth results in OctoRPKI running forever
Summary
OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end.
Severity ?
5.9 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:18",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Infinite certificate chain depth results in OctoRPKI running forever",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:28:00.000Z",
"ID": "CVE-2021-3908",
"STATE": "PUBLIC",
"TITLE": "Infinite certificate chain depth results in OctoRPKI running forever"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3908",
"datePublished": "2021-11-11T21:45:18.120994Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-16T23:21:31.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3907 (GCVE-0-2021-3907)
Vulnerability from cvelistv5 – Published: 2021-11-11 21:45 – Updated: 2024-09-17 03:18
VLAI?
Title
Arbitrary filepath traversal via URI injection
Summary
OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on.
Severity ?
7.4 (High)
CWE
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.3
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh"
},
{
"name": "DSA-5033",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI does not escape a URI with a filename containing \"..\", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-23T12:10:10",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh"
},
{
"name": "DSA-5033",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4.3"
}
],
"source": {
"advisory": "GHSA-3jhm-87m6-x959",
"discovery": "EXTERNAL"
},
"title": "Arbitrary filepath traversal via URI injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:16:00.000Z",
"ID": "CVE-2021-3907",
"STATE": "PUBLIC",
"TITLE": "Arbitrary filepath traversal via URI injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.3"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI does not escape a URI with a filename containing \"..\", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh"
},
{
"name": "DSA-5033",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4.3"
}
],
"source": {
"advisory": "GHSA-3jhm-87m6-x959",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3907",
"datePublished": "2021-11-11T21:45:16.585289Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-17T03:18:30.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3761 (GCVE-0-2021-3761)
Vulnerability from cvelistv5 – Published: 2021-09-09 14:05 – Updated: 2024-09-17 02:56
VLAI?
Title
OctoRPKI lacks contextual out-of-bounds check when validating RPKI ROA maxLength values
Summary
Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as "RPKI invalid". Additionally, in certain deployments RTR session flapping in and of itself also could cause BGP routing churn, causing availability issues.
Severity ?
7.5 (High)
CWE
- Missing out of bounds check
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.3.0
(custom)
|
Credits
Job Snijders
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:08.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Job Snijders"
}
],
"datePublic": "2021-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP \"MaxLength\" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as \"RPKI invalid\". Additionally, in certain deployments RTR session flapping in and of itself also could cause BGP routing churn, causing availability issues."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing out of bounds check",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:26",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.3.0"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "OctoRPKI lacks contextual out-of-bounds check when validating RPKI ROA maxLength values",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-09-03T16:28:00.000Z",
"ID": "CVE-2021-3761",
"STATE": "PUBLIC",
"TITLE": "OctoRPKI lacks contextual out-of-bounds check when validating RPKI ROA maxLength values"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.3.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Job Snijders"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP \"MaxLength\" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as \"RPKI invalid\". Additionally, in certain deployments RTR session flapping in and of itself also could cause BGP routing churn, causing availability issues."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing out of bounds check"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.3.0"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3761",
"datePublished": "2021-09-09T14:05:09.349774Z",
"dateReserved": "2021-09-01T00:00:00",
"dateUpdated": "2024-09-17T02:56:31.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3978 (GCVE-0-2021-3978)
Vulnerability from nvd – Published: 2025-01-29 10:00 – Updated: 2025-02-12 16:03
VLAI?
Title
Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki
Summary
When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service ) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation.
Severity ?
7.5 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
0 , < v1.4.2
(semver)
|
Credits
Ties de Kock
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-3978",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T14:19:06.799392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T16:03:40.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/cloudflare/cfrpki/cmd/octorpki",
"defaultStatus": "unaffected",
"packageName": "octorpki",
"platforms": [
"Go"
],
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "v1.4.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ties de Kock"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When copying files with rsync, octorpki uses the \"-a\" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service\"\u003ehttps://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service\u003c/a\u003e) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation."
}
],
"value": "When copying files with rsync, octorpki uses the \"-a\" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service ) this could allow for a vector, when combined with another vulnerability that causes octorpki to process a malicious TAL file, for a local privilege escalation."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T10:00:53.237Z",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3pqh-p72c-fj85"
}
],
"source": {
"advisory": "GHSA-3pqh-p72c-fj85",
"discovery": "EXTERNAL"
},
"title": "Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3978",
"datePublished": "2025-01-29T10:00:53.237Z",
"dateReserved": "2021-11-18T20:10:42.977Z",
"dateUpdated": "2025-02-12T16:03:40.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3616 (GCVE-0-2022-3616)
Vulnerability from nvd – Published: 2022-10-28 06:24 – Updated: 2025-05-05 19:19
VLAI?
Title
OctoRPKI crash when maximum iterations number is reached
Summary
Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.
Severity ?
5.4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | OctoRPKI |
Affected:
0 , < <1.4.4
(semver)
|
Credits
Donika Mirdita - Fraunhofer SIT, ATHENE
Haya Shulman - Fraunhofer SIT, ATHENE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:14:03.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-pmw9-567p-68pc"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3616",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-05T19:18:52.761100Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T19:19:50.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Go"
],
"product": "OctoRPKI",
"repo": "https://github.com/cloudflare/cfrpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "\u003c1.4.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Donika Mirdita - Fraunhofer SIT, ATHENE "
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Haya Shulman - Fraunhofer SIT, ATHENE"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAttackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to\u0026nbsp;Donika Mirdita and\u0026nbsp;Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to\u00a0Donika Mirdita and\u00a0Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-834",
"description": "CWE-834 Excessive Iteration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T08:43:36.139Z",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-pmw9-567p-68pc"
}
],
"source": {
"advisory": "GHSA-pmw9-567p-68pc",
"discovery": "EXTERNAL"
},
"title": "OctoRPKI crash when maximum iterations number is reached",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2022-3616",
"datePublished": "2022-10-28T06:24:44.189Z",
"dateReserved": "2022-10-20T11:13:34.797Z",
"dateUpdated": "2025-05-05T19:19:50.911Z",
"requesterUserId": "25b7b156-39bf-4f6b-8c25-8bc69c5c5e82",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3912 (GCVE-0-2021-3912)
Vulnerability from nvd – Published: 2021-11-11 21:45 – Updated: 2024-09-16 23:41
VLAI?
Title
OctoRPKI crashes when processing GZIP bomb returned via malicious repository
Summary
OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash).
Severity ?
4.2 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:14",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "OctoRPKI crashes when processing GZIP bomb returned via malicious repository",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:54:00.000Z",
"ID": "CVE-2021-3912",
"STATE": "PUBLIC",
"TITLE": "OctoRPKI crashes when processing GZIP bomb returned via malicious repository"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3912",
"datePublished": "2021-11-11T21:45:24.415500Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-16T23:41:30.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3911 (GCVE-0-2021-3911)
Vulnerability from nvd – Published: 2021-11-11 21:45 – Updated: 2024-09-16 22:31
VLAI?
Title
Misconfigured IP address field in ROA leads to OctoRPKI crash
Summary
If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash.
Severity ?
4.2 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:22",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Misconfigured IP address field in ROA leads to OctoRPKI crash",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:52:00.000Z",
"ID": "CVE-2021-3911",
"STATE": "PUBLIC",
"TITLE": "Misconfigured IP address field in ROA leads to OctoRPKI crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3911",
"datePublished": "2021-11-11T21:45:22.690851Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-16T22:31:10.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3910 (GCVE-0-2021-3910)
Vulnerability from nvd – Published: 2021-11-11 21:45 – Updated: 2024-09-17 03:27
VLAI?
Title
NUL character in ROA causes OctoRPKI to crash
Summary
OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0) character).
Severity ?
4.4 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\\0) character)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:28",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "NUL character in ROA causes OctoRPKI to crash",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:48:00.000Z",
"ID": "CVE-2021-3910",
"STATE": "PUBLIC",
"TITLE": "NUL character in ROA causes OctoRPKI to crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\\0) character)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3910",
"datePublished": "2021-11-11T21:45:21.177058Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-17T03:27:37.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3909 (GCVE-0-2021-3909)
Vulnerability from nvd – Published: 2021-11-11 21:45 – Updated: 2024-09-16 23:06
VLAI?
Title
Infinite open connection causes OctoRPKI to hang forever
Summary
OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the connection alive.
Severity ?
4.4 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244"
},
{
"name": "DSA-5033",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the connection alive."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:24",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244"
},
{
"name": "DSA-5033",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Infinite open connection causes OctoRPKI to hang forever",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:41:00.000Z",
"ID": "CVE-2021-3909",
"STATE": "PUBLIC",
"TITLE": "Infinite open connection causes OctoRPKI to hang forever"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the connection alive."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244"
},
{
"name": "DSA-5033",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3909",
"datePublished": "2021-11-11T21:45:19.611444Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-16T23:06:15.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3908 (GCVE-0-2021-3908)
Vulnerability from nvd – Published: 2021-11-11 21:45 – Updated: 2024-09-16 23:21
VLAI?
Title
Infinite certificate chain depth results in OctoRPKI running forever
Summary
OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end.
Severity ?
5.9 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.0
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:18",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Infinite certificate chain depth results in OctoRPKI running forever",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:28:00.000Z",
"ID": "CVE-2021-3908",
"STATE": "PUBLIC",
"TITLE": "Infinite certificate chain depth results in OctoRPKI running forever"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3908",
"datePublished": "2021-11-11T21:45:18.120994Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-16T23:21:31.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3907 (GCVE-0-2021-3907)
Vulnerability from nvd – Published: 2021-11-11 21:45 – Updated: 2024-09-17 03:18
VLAI?
Title
Arbitrary filepath traversal via URI injection
Summary
OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on.
Severity ?
7.4 (High)
CWE
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.4.3
(custom)
|
Credits
Koen van Hove
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh"
},
{
"name": "DSA-5033",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.4.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Koen van Hove"
}
],
"datePublic": "2021-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OctoRPKI does not escape a URI with a filename containing \"..\", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-23T12:10:10",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh"
},
{
"name": "DSA-5033",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.4.3"
}
],
"source": {
"advisory": "GHSA-3jhm-87m6-x959",
"discovery": "EXTERNAL"
},
"title": "Arbitrary filepath traversal via URI injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-11-01T22:16:00.000Z",
"ID": "CVE-2021-3907",
"STATE": "PUBLIC",
"TITLE": "Arbitrary filepath traversal via URI injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.4.3"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Koen van Hove"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OctoRPKI does not escape a URI with a filename containing \"..\", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh"
},
{
"name": "DSA-5033",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-5033"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
},
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.4.3"
}
],
"source": {
"advisory": "GHSA-3jhm-87m6-x959",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3907",
"datePublished": "2021-11-11T21:45:16.585289Z",
"dateReserved": "2021-10-26T00:00:00",
"dateUpdated": "2024-09-17T03:18:30.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3761 (GCVE-0-2021-3761)
Vulnerability from nvd – Published: 2021-09-09 14:05 – Updated: 2024-09-17 02:56
VLAI?
Title
OctoRPKI lacks contextual out-of-bounds check when validating RPKI ROA maxLength values
Summary
Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as "RPKI invalid". Additionally, in certain deployments RTR session flapping in and of itself also could cause BGP routing churn, causing availability issues.
Severity ?
7.5 (High)
CWE
- Missing out of bounds check
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | octorpki |
Affected:
unspecified , < 1.3.0
(custom)
|
Credits
Job Snijders
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:08.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "octorpki",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Job Snijders"
}
],
"datePublic": "2021-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP \"MaxLength\" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as \"RPKI invalid\". Additionally, in certain deployments RTR session flapping in and of itself also could cause BGP routing churn, causing availability issues."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing out of bounds check",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-12T10:06:26",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9"
},
{
"name": "DSA-5041",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5041"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to 1.3.0"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "OctoRPKI lacks contextual out-of-bounds check when validating RPKI ROA maxLength values",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@cloudflare.com",
"DATE_PUBLIC": "2021-09-03T16:28:00.000Z",
"ID": "CVE-2021-3761",
"STATE": "PUBLIC",
"TITLE": "OctoRPKI lacks contextual out-of-bounds check when validating RPKI ROA maxLength values"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octorpki",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.3.0"
}
]
}
}
]
},
"vendor_name": "Cloudflare"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Job Snijders"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP \"MaxLength\" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as \"RPKI invalid\". Additionally, in certain deployments RTR session flapping in and of itself also could cause BGP routing churn, causing availability issues."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing out of bounds check"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9",
"refsource": "MISC",
"url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-c8xp-8mf3-62h9"
},
{
"name": "DSA-5041",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5041"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to 1.3.0"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2021-3761",
"datePublished": "2021-09-09T14:05:09.349774Z",
"dateReserved": "2021-09-01T00:00:00",
"dateUpdated": "2024-09-17T02:56:31.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}