https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 07 May 2026 02:41:33 +0000 https://vulnerability.circl.lu/sighting/503f07ba-7bf9-4758-b07d-cd2cfa7caeaf/export {"uuid": "503f07ba-7bf9-4758-b07d-cd2cfa7caeaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45238", "type": "seen", "source": "https://t.me/cvedetector/4066", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45238 - Fort RPKI Protocol Buffer Overflow\", \n \"Content\": \"CVE ID : CVE-2024-45238 \nPublished : Aug. 24, 2024, 11:15 p.m. | 22\u00a0minutes ago \nDescription : An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. OpenSSL does not report this problem during parsing, and when compiled with OpenSSL libcrypto versions below 3, Fort recklessly dereferences the pointer. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavailability, which can lead to compromised routing. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"25 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-25T01:44:45.000000Z"} {"uuid": "503f07ba-7bf9-4758-b07d-cd2cfa7caeaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45238", "type": "seen", "source": "https://t.me/cvedetector/4066", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45238 - Fort RPKI Protocol Buffer Overflow\", \n \"Content\": \"CVE ID : CVE-2024-45238 \nPublished : Aug. 24, 2024, 11:15 p.m. | 22\u00a0minutes ago \nDescription : An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. OpenSSL does not report this problem during parsing, and when compiled with OpenSSL libcrypto versions below 3, Fort recklessly dereferences the pointer. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavailability, which can lead to compromised routing. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"25 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-25T01:44:45.000000Z"} https://vulnerability.circl.lu/sighting/503f07ba-7bf9-4758-b07d-cd2cfa7caeaf/export Sun, 25 Aug 2024 01:44:45 +0000