Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.12 views

CVE-2026-49235

A flaw was found in Routinator. A remote attacker could exploit this vulnerability by providing a specially crafted Document Type Definition DTD file through the Relying Party RPKI Data Protocol RRDP. This could lead to Routinator crashing, resulting in a Denial of Service DoS for the affected...

8.7CVSS5.9AI score0.00358EPSS
Exploits0References4
OSV
OSV
added 2026/06/08 3:33 p.m.7 views

GHSA-5QF9-CF9C-HJC6 Routinator crashes when encountering maliciously crafted RRDP XML files

When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...

8.7CVSS5.2AI score0.00358EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/08 3:33 p.m.13 views

Routinator crashes when encountering maliciously crafted RRDP XML files

When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...

8.7CVSS5.2AI score0.00358EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/08 12:59 p.m.12 views

EUVD-2026-35065

When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...

8.7CVSS5.4AI score0.00358EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 12:59 p.m.48 views

CVE-2026-49235

CVE-2026-49235 affects Routinator. According to the connected CVE entry, processing an RRDP file with a specifically crafted Document Type Definition (DTD) causes Routinator to crash. The CVSSv4.0 vector indicates high impact on availability (V AV:N/AC:L/VI:N/VA:H) with no confidentiality or inte...

8.7CVSS5.4AI score0.00358EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47304

Name of the Vulnerable Software and Affected Versions Routinator affected versions not specified Description Routinator crashes when it encounters a file via RRDP Router Role Distribution Protocol that uses a specifically crafted Document Type Definition DTD, which is a set of markup declarations...

8.7CVSS5.4AI score0.00358EPSS
Exploits0References8
OSV
OSV
added 2024/08/24 11:15 p.m.4 views

DEBIAN-CVE-2024-45234

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics...

7.5CVSS5.4AI score0.00452EPSS
Exploits0References1
OSV
OSV
added 2021/11/09 5:15 p.m.1 views

DEBIAN-CVE-2021-43174

NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of whi...

7.5CVSS7.4AI score0.01168EPSS
Exploits0References1
OSV
OSV
added 2021/11/09 5:15 p.m.3 views

UBUNTU-CVE-2021-43174

NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of whi...

7.5CVSS7.2AI score0.01434EPSS
Exploits0References4
OSV
OSV
added 2021/11/09 5:15 p.m.2 views

UBUNTU-CVE-2021-43173

In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out value for RRDP...

7.5CVSS7.1AI score0.01434EPSS
Exploits0References5
Rows per page
Query Builder