Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

octorpki — Vulnerabilities & Security Advisories 9

All 9 CVE vulnerabilities found in octorpki, with AI-generated Chinese analysis, references, and POCs.

Vendor: Cloudflare

CVE IDTitleCVSSSeverityPublished
CVE-2021-3978 Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki CWE-269 7.5 High2025-01-29
CVE-2022-3616 OctoRPKI crash when maximum iterations number is reached CWE-754 5.4 Medium2022-10-28
CVE-2021-3912 OctoRPKI crashes when processing GZIP bomb returned via malicious repository CWE-400 4.2 Medium2021-11-11
CVE-2021-3911 Misconfigured IP address field in ROA leads to OctoRPKI crash CWE-20 4.2 Medium2021-11-11
CVE-2021-3910 NUL character in ROA causes OctoRPKI to crash CWE-20 4.4 Medium2021-11-11
CVE-2021-3909 Infinite open connection causes OctoRPKI to hang forever CWE-400 4.4 Medium2021-11-11
CVE-2021-3908 Infinite certificate chain depth results in OctoRPKI running forever CWE-400 5.9 Medium2021-11-11
CVE-2021-3907 Arbitrary filepath traversal via URI injection CWE-20 7.4 High2021-11-11
CVE-2021-3761 OctoRPKI lacks contextual out-of-bounds check when validating RPKI ROA maxLength values 7.5 High2021-09-09

All 9 known CVE vulnerabilities affecting octorpki with full Chinese analysis, references, and POCs where available.