Vulnerabilities > Nlnetlabs > High

DATE CVE VULNERABILITY TITLE RISK
2021-11-09 CVE-2021-43174 Out-of-bounds Write vulnerability in multiple products
NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories.
network
low complexity
nlnetlabs debian CWE-787
7.5
7.5
2021-09-21 CVE-2021-41531 Improper Input Validation vulnerability in Nlnetlabs Routinator
NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA.
network
low complexity
nlnetlabs CWE-20
7.5
7.5
2021-04-27 CVE-2019-25041 Reachable Assertion vulnerability in multiple products
Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy.
network
low complexity
nlnetlabs debian CWE-617
7.5
7.5
2021-04-27 CVE-2019-25040 Infinite Loop vulnerability in multiple products
Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy.
network
low complexity
nlnetlabs debian CWE-835
7.5
7.5
2021-04-27 CVE-2019-25037 Reachable Assertion vulnerability in multiple products
Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet.
network
low complexity
nlnetlabs debian CWE-617
7.5
7.5
2021-04-27 CVE-2019-25036 Reachable Assertion vulnerability in multiple products
Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname.
network
low complexity
nlnetlabs debian CWE-617
7.5
7.5
2020-11-27 CVE-2020-10772 Resource Exhaustion vulnerability in Nlnetlabs Unbound 1.6.65
An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414.
network
low complexity
nlnetlabs CWE-400
7.5
7.5
2020-08-05 CVE-2020-17366 Improper Certificate Validation vulnerability in Nlnetlabs Routinator
An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1.
network
high complexity
nlnetlabs CWE-295
7.4
7.4
2020-05-19 CVE-2020-12663 Infinite Loop vulnerability in multiple products
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. 		7.5
7.5
2020-05-19 CVE-2020-12662 Resource Exhaustion vulnerability in multiple products
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. 		7.5
7.5