Severity: high (7.5)
First published: Wed Sep 13 2023
Last modified: Fri Sep 15 2023
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding.
CVE-2023-39914 is a vulnerability in NLnet Labs' bcder library up to and including version 0.7.2 that can cause the library to panic while decoding certain invalid input data.
CVE-2023-39914 has a severity rating of 7.5 (high).
CVE-2023-39914 can affect both the actual decoding stage and accessing content of types that utilize delayed decoding.
If you are using NLnet Labs' bcder library version 0.7.2 or earlier, your system may be affected by CVE-2023-39914.
To fix CVE-2023-39914, update your bcder library to version 0.7.3 or later.