What is CVE-2023-39914?

CVE-2023-39914 is a high-severity vulnerability in Nlnet Labs Bcder, classified under CWE-232. CVSS score: 7.5/10. Published 2023-09-13.

How severe is CVE-2023-39914?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Nlnet Labs Bcder

CVE-2023-39914

NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types…

EPSS: 0.002 (47.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Nlnet Labs Bcder — versions 0.7.3

Weakness classification (CWE)

CWE-232
CWE-240

References

nlnetlabs.nl/downloads/bcder/CVE-2023-39914.txt (vendor-advisory)

Frequently asked questions

What is CVE-2023-39914?: CVE-2023-39914 is a high-severity vulnerability in Nlnet Labs Bcder, classified under CWE-232. CVSS score: 7.5/10. Published 2023-09-13.
How severe is CVE-2023-39914?: High severity. CVSS v3 base score is 7.5 out of 10.