VYPR

RPKI Validator 3

by RIPE NCC

CVEs (3)

  • CVE-2020-16163CriJul 30, 2020
    risk 0.59cvss 9.1epss 0.01

    An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote attackers to bypass intended access restrictions, or to trigger denial of service to traffic…

  • CVE-2020-16162HigJul 30, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using…

  • CVE-2020-16164HigJul 30, 2020
    risk 0.48cvss 7.4epss 0.01

    An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa"…