NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding.
References
Link | Resource |
---|---|
https://nlnetlabs.nl/downloads/bcder/CVE-2023-39914.txt | Vendor Advisory |
Configurations
History
15 Sep 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://nlnetlabs.nl/downloads/bcder/CVE-2023-39914.txt - Vendor Advisory | |
CPE | cpe:2.3:a:nlnetlabs:bcder:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | NVD-CWE-noinfo | |
First Time |
Nlnetlabs bcder
Nlnetlabs |
13 Sep 2023, 16:34
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-13 15:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-39914
Mitre link : CVE-2023-39914
CVE.ORG link : CVE-2023-39914
JSON object : View
Products Affected
nlnetlabs
- bcder
CWE