CVE-2024-56375
- EPSS 0.23%
- Published 22.12.2024 23:15:06
- Last modified 22.04.2025 15:54:43
An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a Manifest RPKI object containing an empty fileList. Fort dereferences (an...
CVE-2024-56169
- EPSS 0.05%
- Published 18.12.2024 05:15:08
- Last modified 22.04.2025 16:24:31
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties (such as Fort) are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yield...
CVE-2024-45235
- EPSS 0.62%
- Published 24.08.2024 23:15:04
- Last modified 22.04.2025 16:24:53
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing an Authority Key Identifier extension that lacks the keyIdentifier f...
CVE-2024-45238
- EPSS 0.7%
- Published 24.08.2024 23:15:04
- Last modified 22.04.2025 16:24:40
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key....