Vulnerability in Nlnet Labs Routinator

CVE-2021-43174

NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routi…

EPSS: 0.007 (72.9th percentile) — read the EPSS interpretation.

Affected products

Nlnet Labs Routinator — versions unspecified

Weakness classification (CWE)

CWE-1325

References

www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43… (x_refsource_MISC)
DSA-5041 (vendor-advisory, x_refsource_DEBIAN)