High severity7.4NVD Advisory· Published Jul 30, 2020· Updated Jun 17, 2026
CVE-2020-16164
CVE-2020-16164
Description
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509 Certificate Revocation List files from the RPKI relying party's view. NOTE: some third parties may regard this as a preferred behavior, not a vulnerability
Affected products
2- RIPE NCC/RPKI Validatordescription
- Range: <=3.1-2020.07.06.14.28
Patches
Vulnerability mechanics
References
3- github.com/RIPE-NCC/rpki-validator-3/issues/158nvdIssue TrackingThird Party Advisory
- github.com/RIPE-NCC/rpki-validator-3/issues/232nvdIssue TrackingThird Party Advisory
- github.com/RIPE-NCC/rpki-validator-3/security/advisories/GHSA-q76j-58cx-wp5vnvdThird Party Advisory
News mentions
0No linked articles in our index yet.