📦 Octorpki

CVE-2021-3978 is a local privilege escalation vulnerability in Cloudflare's octorpki RPKI validator. When combined with another vulnerability that allows processing malicious TAL files, attackers coul...

OctoRPKI has a path traversal vulnerability where malicious repositories can write files outside the designated cache directory using '..' sequences in URIs. This allows attackers to potentially achie...

This vulnerability allows any Certificate Authority (CA) issuer in the Resource Public Key Infrastructure (RPKI) to trick OctoRPKI versions prior to 1.3.0 into emitting invalid MaxLength values in Val...