We found results for “”
CVE-2023-39914
Good to know:
Date: September 13, 2023
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding.
Language: RUST
Severity Score
Severity Score
Weakness Type (CWE)
Insufficient Information
NVD-CWE-noinfoImproper Handling of Syntactically Invalid Structure
CWE-228Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | HIGH |