CVE-2021-3910

Name of the Vulnerable Software and Affected Versions OctoRPKI (affected versions not specified)

Description The issue is related to the handling of invalid ROA (Route Origin Authorisation) objects by OctoRPKI. Specifically, when encountering a repository that returns an invalid ROA containing only an encoded NUL (0) character, OctoRPKI crashes. This can be exploited by a remote attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.