CVE-2021-3912

Published: 2021-11-11T22:15Z

Last Modified: 2024-11-21T06:22Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt