What is the vulnerability ID for this vulnerability?

The vulnerability ID for this vulnerability is GHSA-6jmw-6mxw-w4jc.

What is the severity of GHSA-6jmw-6mxw-w4jc?

The severity of GHSA-6jmw-6mxw-w4jc is high with a CVSS score of 7.5.

Which software is affected by GHSA-6jmw-6mxw-w4jc?

NLnet Labs’ bcder library up to and including version 0.7.2 is affected by this vulnerability.

How can GHSA-6jmw-6mxw-w4jc be fixed?

To fix GHSA-6jmw-6mxw-w4jc, upgrade the bcder library to version 0.7.3 or later.

What is the Common Weakness Enumeration (CWE) ID for GHSA-6jmw-6mxw-w4jc?

The Common Weakness Enumeration (CWE) ID for GHSA-6jmw-6mxw-w4jc is CWE-228.

vuln-group

GHSA-6jmw-6mxw-w4jc

Severity: high (7.5)

First published: Wed Sep 13 2023

Last modified: Thu Sep 14 2023

CWE: 228

NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding.

Any of

rust/bcder
<0.7.3
fixed in: 0.7.3

FAQ

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is GHSA-6jmw-6mxw-w4jc.
What is the severity of GHSA-6jmw-6mxw-w4jc?
The severity of GHSA-6jmw-6mxw-w4jc is high with a CVSS score of 7.5.
Which software is affected by GHSA-6jmw-6mxw-w4jc?
NLnet Labs’ bcder library up to and including version 0.7.2 is affected by this vulnerability.
How can GHSA-6jmw-6mxw-w4jc be fixed?
To fix GHSA-6jmw-6mxw-w4jc, upgrade the bcder library to version 0.7.3 or later.
What is the Common Weakness Enumeration (CWE) ID for GHSA-6jmw-6mxw-w4jc?
The Common Weakness Enumeration (CWE) ID for GHSA-6jmw-6mxw-w4jc is CWE-228.

Reference Links

collector/github-advisory-latest
alias/GHSA-6jmw-6mxw-w4jc
alias/CVE-2023-39914
collector/github-advisory
package-manager/rust

FAQ

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is GHSA-6jmw-6mxw-w4jc.
What is the severity of GHSA-6jmw-6mxw-w4jc?
The severity of GHSA-6jmw-6mxw-w4jc is high with a CVSS score of 7.5.
Which software is affected by GHSA-6jmw-6mxw-w4jc?
NLnet Labs’ bcder library up to and including version 0.7.2 is affected by this vulnerability.
How can GHSA-6jmw-6mxw-w4jc be fixed?
To fix GHSA-6jmw-6mxw-w4jc, upgrade the bcder library to version 0.7.3 or later.
What is the Common Weakness Enumeration (CWE) ID for GHSA-6jmw-6mxw-w4jc?
The Common Weakness Enumeration (CWE) ID for GHSA-6jmw-6mxw-w4jc is CWE-228.

GHSA-6jmw-6mxw-w4jc

Any of

FAQ

What is the vulnerability ID for this vulnerability?

What is the severity of GHSA-6jmw-6mxw-w4jc?

Which software is affected by GHSA-6jmw-6mxw-w4jc?

How can GHSA-6jmw-6mxw-w4jc be fixed?

What is the Common Weakness Enumeration (CWE) ID for GHSA-6jmw-6mxw-w4jc?

Reference Links

Navigation

FAQ

What is the vulnerability ID for this vulnerability?

What is the severity of GHSA-6jmw-6mxw-w4jc?

Which software is affected by GHSA-6jmw-6mxw-w4jc?

How can GHSA-6jmw-6mxw-w4jc be fixed?

What is the Common Weakness Enumeration (CWE) ID for GHSA-6jmw-6mxw-w4jc?