CVE-2021-3911

MEDIUM

OctoRPKI - DoS

Title source: llm

Description

If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash.

References (2)

Scores

CVSS v3 4.2
EPSS 0.0055
EPSS Percentile 67.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H

Classification

CWE
CWE-252 CWE-20
Status published

Affected Products (3)

cloudflare/octorpki < 1.3.0
debian/debian_linux
cloudflare/cfrpki < 1.4.0Go

Timeline

Published Nov 11, 2021
Tracked Since Feb 18, 2026