5 matches found
EUVD-2026-35065
When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...
PT-2026-47304
Name of the Vulnerable Software and Affected Versions Routinator affected versions not specified Description Routinator crashes when it encounters a file via RRDP Router Role Distribution Protocol that uses a specifically crafted Document Type Definition DTD, which is a set of markup declarations...
DEBIAN-CVE-2024-45234
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics...
DEBIAN-CVE-2021-43174
NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of whi...
UBUNTU-CVE-2021-43174
NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of whi...