CVE-2021-3910

Improper Input Validation in go/github.com/cloudflare/cfrpki

Identifiers

CVE-2021-3910, GHSA-5mxh-2qfv-4g7j

Package Slug

go/github.com/cloudflare/cfrpki

Vulnerability

Improper Input Validation

Description

OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL \0 character).

Affected Versions

All versions before 1.3.0

Solution

Upgrade to version 1.3.0 or above.

Last Modified

2021-11-18

source