Vulnerabilities > Nlnetlabs > Routinator > 0.10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-13 | CVE-2023-39915 | Unspecified vulnerability in Nlnetlabs Routinator NLnet Labs’ Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. | 7.5 |
| 2023-09-13 | CVE-2023-39916 | Path Traversal vulnerability in Nlnetlabs Routinator NLnet Labs’ Routinator 0.9.0 up to and including 0.12.1 contains a possible path traversal vulnerability in the optional, off-by-default keep-rrdp-responses feature that allows users to store the content of responses received for RRDP requests. | 6.5 |
| 2022-09-13 | CVE-2022-3029 | Unspecified vulnerability in Nlnetlabs Routinator In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files that isn’t correctly base 64 encoded is treated as a fatal error and causes Routinator to exit. | 7.5 |
| 2021-11-09 | CVE-2021-43172 | Infinite Loop vulnerability in Nlnetlabs Routinator NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRDP repositories of infinite length causing it to never finish a validation run. | 5.0 |
| 2021-11-09 | CVE-2021-43173 | Resource Exhaustion vulnerability in multiple products In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. | 5.0 |
| 2021-11-09 | CVE-2021-43174 | Out-of-bounds Write vulnerability in multiple products NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. | 5.0 |