HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2021-41531

CVSS 7.5v3.1pub. 2021-09-21upd. 2024-11-21

NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA. This will lead to RTR clients such as routers to reject the RPKI data set, effectively disabling Route Origin Validation.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Nlnetlabs Routinator

    APP
    Nlnetlabs
    < 0.10.0
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-39916CRITICAL9.3ten sam produkt

NLnet Labs’ Routinator 0.9.0 up to and including 0.12.1 as well as 0.14.0 up to and including 0.14.2 contains ...

CVE-2026-49235HIGH8.7ten sam produkt

When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator c...

CVE-2026-49233HIGH8.3ten sam produkt

Routinator does not properly check the module component of rsync URIs, which are used to create the file syste...

CVE-2026-49234HIGH8.2ten sam produkt

When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endp...

CVE-2024-1622HIGH7.5ten sam produkt

Due to a mistake in error checking, Routinator will terminate when an incoming RTR connection is reset by the ...

CVE-2021-41531 β€” Nlnetlabs β€” Routinator β€” HIGH β€” CVSS 7.5 | CVEbaza.pl