PT-2023-27150 · Bcder+1 · Bcder+1
Donika Mirdita
+2
·
Published
2023-09-13
·
Updated
2024-09-11
·
CVE-2023-39915
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Routinator versions up to and including 0.12.1
Description
The issue is caused by insufficient input checking in the bcder library, which may lead to a crash when trying to parse certain malformed RPKI objects.
Recommendations
For versions up to and including 0.12.1, update to a version that includes the fix for the insufficient input checking in the bcder library to prevent crashes when parsing malformed RPKI objects.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Routinator
Bcder