[github.com/cloudflare/cfrpki/cmd/octorpki] OctoRPKI crashes when max iterations is reached

Impact

Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter that would cause the program to crash and not finish the validation and thus a denial of service.

Patches

This issue is fixed in v1.4.4

Workarounds

None.

References

• https://github.com/cloudflare/cfrpki/security/advisories/GHSA-pmw9-567p-68pc
• https://nvd.nist.gov/vuln/detail/CVE-2022-3616
• https://github.com/advisories/GHSA-pmw9-567p-68pc