What is CVE-2023-39915?

CVE-2023-39915 is a high-severity vulnerability in Nlnet Labs Routinator, classified under CWE-232. CVSS score: 7.5/10. Published 2023-09-13.

How severe is CVE-2023-39915?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Nlnet Labs Routinator

CVE-2023-39915

NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914.

EPSS: 0.003 (57.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Nlnet Labs Routinator — versions 0.12.2

Weakness classification (CWE)

CWE-232
CWE-240

References

nlnetlabs.nl/downloads/routinator/CVE-2023-39915.txt (vendor-advisory)

Frequently asked questions

What is CVE-2023-39915?: CVE-2023-39915 is a high-severity vulnerability in Nlnet Labs Routinator, classified under CWE-232. CVSS score: 7.5/10. Published 2023-09-13.
How severe is CVE-2023-39915?: High severity. CVSS v3 base score is 7.5 out of 10.