Routinator

This hub aggregates every CVE we track for Routinator, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 13 most recently published vulnerabilities affecting Routinator.

• CVE-2026-49235Routinator crashes on specifically crafted RRDP XML files7.5Jun 8, 2026
• CVE-2026-49234Routinator crashes on specifically crafted ASN strings in the API7.5Jun 8, 2026
• CVE-2026-49233Routinator cache path traversal using rogue rsync URIs7.5Jun 8, 2026
• CVE-2025-0638Routinator crashes when illegal characters are present in manifest file names7.5Jan 22, 2025
• CVE-2024-1622Routinator terminates when RTR connection is reset too quickly after opening7.5Feb 26, 2024
• CVE-2023-39916Possible path traversal when storing RRDP responses9.3Sep 13, 2023
• CVE-2023-39915Crashes on parsing certain invalid RPKI objects7.5Sep 13, 2023
• CVE-2022-3029Fatal error on incorrect base64 data in RRDP7.5Sep 13, 2022
• CVE-2021-43174gzip transfer encoding caused out-of-memory crash7.5Nov 9, 2021
• CVE-2021-43173Hanging RRDP request7.5Nov 9, 2021
• CVE-2021-43172Infinite length chain of RRDP repositories7.5Nov 9, 2021
• CVE-2021-41531Invalid RPKI data could disable Route Origin Validation on RTR clients.7.5Sep 21, 2021
• CVE-2020-17366An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems ...7.4Aug 5, 2020