NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://nlnetlabs.nl/downloads/bcder/CVE-2023-39914.txt |
History
Thu, 12 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-228 |
Wed, 11 Sep 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding. | NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding. |
Weaknesses | CWE-232 CWE-240 |
MITRE
Status: PUBLISHED
Assigner: NLnet Labs
Published: 2023-09-13T14:17:49.204Z
Updated: 2024-09-12T13:22:36.893Z
Reserved: 2023-08-07T11:55:17.843Z
Link: CVE-2023-39914
Vulnrichment
Updated: 2024-09-12T13:22:32.617Z
NVD
Status : Modified
Published: 2023-09-13T15:15:07.657
Modified: 2024-09-11T16:15:04.547
Link: CVE-2023-39914
Redhat
No data.