CVE-2021-43173
- EPSS 1.43%
- Veröffentlicht 09.11.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 06:28:46
In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routina...
CVE-2021-43174
- EPSS 1.17%
- Veröffentlicht 09.11.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 06:28:46
NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP...
CVE-2021-41531
- EPSS 0.9%
- Veröffentlicht 21.09.2021 14:15:07
- Zuletzt bearbeitet 21.11.2024 06:26:21
NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA. This will lead to RTR clients such as routers to reject the RPKI data set, effectively disabling Route Origin...
CVE-2020-17366
- EPSS 0.75%
- Veröffentlicht 05.08.2020 22:15:12
- Zuletzt bearbeitet 21.11.2024 05:07:57
An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Author...