PT-2022-23238 · Octorpki+1

Mskowroncf · Published 2022-10-28 · Updated 2024-08-21 · CVE-2022-3616

CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H
Name of the Vulnerable Software and Affected Versions: OctoRPKI versions prior to 1.4.4
Description: An attacker can create a chain of CAs long enough that OctoRPKI exceeds its max iterations parameter; the program then crashes before finishing validation, resulting in a denial of service. This issue was discovered and reported by Donika Mirdita and Haya Shulman (Fraunhofer SIT, ATHENE).
Recommendations: For versions prior to 1.4.4, update to version 1.4.4 to resolve the issue. As a temporary workaround, consider restricting the length of CA chains to prevent exceeding the max iterations parameter until a patch is applied.
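As an added illustration, not OctoRPKI's own code, of the behaviour the fix class implies (exhausting the iteration budget must surface as an error the caller handles, not as a crash), the hypothetical Go walker below bounds CA chain traversal and reports budget exhaustion to its caller; caNode, walkCAs, buildChain and the iteration limit are assumed names and values:

```go
package main

import (
	"errors"
	"fmt"
)

// caNode is a constructed stand-in for an RPKI CA certificate that points at
// child CAs; it is not OctoRPKI's data model.
type caNode struct {
	Name     string
	Children []*caNode
}

// ErrMaxIterations is returned, never panicked, when the walk budget runs out.
var ErrMaxIterations = errors.New("CA chain exceeds max iterations")

// walkCAs visits CAs breadth-first under an iteration budget. On exhaustion it
// returns the CAs validated so far plus an error the caller can log and act on.
func walkCAs(root *caNode, maxIterations int) ([]string, error) {
	var visited []string
	queue := []*caNode{root}
	for len(queue) > 0 {
		if len(visited) >= maxIterations {
			return visited, ErrMaxIterations
		}
		cur := queue[0]
		queue = queue[1:]
		visited = append(visited, cur.Name)
		queue = append(queue, cur.Children...)
	}
	return visited, nil
}

// buildChain builds a linear chain of n CAs (constructed test input).
func buildChain(n int) *caNode {
	root := &caNode{Name: "ca-0"}
	cur := root
	for i := 1; i < n; i++ {
		next := &caNode{Name: fmt.Sprintf("ca-%d", i)}
		cur.Children = []*caNode{next}
		cur = next
	}
	return root
}

func main() {
	visited, err := walkCAs(buildChain(10), 5) // chain longer than the budget
	fmt.Printf("validated %d CAs, err=%v\n", len(visited), err)
}
```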

Tags: Fix · DoS

Weakness Enumeration: Improper Check for Exceptional Conditions

Related Identifiers

CVE-2022-3616
GHSA-PMW9-567P-68PC
GO-2022-1089

Affected Products

Debian
Octorpki