7.5
CVE-2025-0638
- EPSS 0.1%
- Veröffentlicht 22.01.2025 16:15:29
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle sep@nlnetlabs.nl
- CVE-Watchlists
- Unerledigt
Routinator crashes when illegal characters are present in manifest file names
The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked when encountering illegal characters, resulting in a crash of Routinator.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerNLnet Labs
≫
Produkt
Routinator
Default Statusaffected
Version
0.14.1
Version <
*
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.28 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| sep@nlnetlabs.nl | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-1286 Improper Validation of Syntactic Correctness of Input
The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.