CVE-2023-39914

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-39914

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-39914.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-39914

Aliases

Downstream

DEBIAN-CVE-2023-39914

UBUNTU-CVE-2023-39914

Published

2023-09-13T15:15:07Z

Modified

2025-08-09T20:01:27Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding.

References

https://nlnetlabs.nl/downloads/bcder/CVE-2023-39914.txt

Affected packages