github.com/cloudflare/cfrpki is vulnerable to denial of service. The vulnerability exists in the main
of octorpki.go
because the OctoRPKI doesn’t limit the connections it opens before the response is returned which results in an application crash.
github.com/advisories/GHSA-8cvr-4rrf-f244
github.com/cloudflare/cfrpki/commit/71ac74e691dc791731f90b72710975414ecec1eb
github.com/cloudflare/cfrpki/commit/a6eaae8c9142c8c76fda3e60135856d7ae87c78f
github.com/cloudflare/cfrpki/pull/100
github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244
www.debian.org/security/2021/dsa-5033
www.debian.org/security/2022/dsa-5041