CVE-2022-3616— OctoRPKI crash when maximum iterations number is reached
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-3616
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OctoRPKI crash when maximum iterations number is reached
Source: NVD (National Vulnerability Database)
Vulnerability Description
Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
对因果或异常条件的不恰当检查
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cloudflare OctoRPKI 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cloudflare OctoRPKI是美国Cloudflare公司的Cloudflare平台的RPKI工具箱。 Cloudflare OctoRPKI 存在安全漏洞。攻击者利用该漏洞可以创建过长的CA链,导致OctoRPKI超过其最大迭代参数最终实现程序崩溃,阻止其完成验证并拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cloudflare | OctoRPKI | 0 ~ <1.4.4 | - |
II. Public POCs for CVE-2022-3616
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-3616
请登录查看更多情报信息。
Same Patch Batch · Cloudflare · 2022-10-28 · 6 CVEs total
| CVE-2022-3320 | 6.7 MEDIUM | Bypassing Cloudflare Zero Trust policies using warp-cli set-custom-endpoint command |
| CVE-2022-3321 | 6.7 MEDIUM | Lock WARP switch feature bypass on WARP mobile client for iOS |
| CVE-2022-3322 | 6.7 MEDIUM | Lock WARP switch bypass on WARP mobile client using iOS quick action |
| CVE-2022-3337 | 6.7 MEDIUM | Lock WARP switch bypass by removing VPN profile on iOS mobile client |
| CVE-2022-3512 | 6.7 MEDIUM | Lock WARP switch bypass using warp-cli 'add-trusted-ssid' command |
IV. Related Vulnerabilities
Same product: OctoRPKI
- CVE-2021-3978
Improper Preservation of Permissions in github.com/cloudflar - CVE-2021-3912
OctoRPKI crashes when processing GZIP bomb returned via mali - CVE-2021-3911
Misconfigured IP address field in ROA leads to OctoRPKI cras - CVE-2021-3910
NUL character in ROA causes OctoRPKI to crash - CVE-2021-3909
Infinite open connection causes OctoRPKI to hang forever
Same vendor: Cloudflare
- CVE-2026-2836
Cache poisoning via insecure-by-default cache key - CVE-2026-2835
HTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding Mi - CVE-2026-2833
HTTP Request Smuggling via Premature Upgrade - CVE-2026-1229
Incorrect calculation in CIRCL secp384r1 CombinedMult - CVE-2026-0933
OS Command Injection in `wrangler pages deploy`
Same weakness: CWE-754
- CVE-2026-41662
Admidio: Missing Minimum Administrator Check in Role Members - CVE-2026-35225
Improper timeout handling in CODESYS EtherNetIP - CVE-2026-35366
uutils coreutils printenv Security Inspection Bypass via UTF - CVE-2026-40343
free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPos - CVE-2026-40249
free5gc UDR fail-open request handling in PolicyDataSubsToNo
V. Comments for CVE-2022-3616
No comments yet