{"containers":{"cna":{"affected":[{"product":"Routinator","vendor":"NLnet Labs","versions":[{"lessThanOrEqual":"0.9.0","status":"affected","version":"unspecified","versionType":"custom"}]}],"credits":[{"lang":"en","value":"We would like to thank Job Snijders for reporting the issue."}],"datePublic":"2021-09-21T00:00:00.000Z","descriptions":[{"lang":"en","value":"NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA. This will lead to RTR clients such as routers to reject the RPKI data set, effectively disabling Route Origin Validation."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1288","description":"CWE-1288: Improper Validation of Consistency within Input","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-09-21T13:23:17.000Z","orgId":"206fc3a0-e175-490b-9eaa-a5738056c9f6","shortName":"NLnet Labs"},"references":[{"tags":["x_refsource_MISC"],"url":"https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-41531.txt"}],"title":"Invalid RPKI data could disable Route Origin Validation on RTR clients.","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"sep@nlnetlabs.nl","DATE_PUBLIC":"2021-09-21T00:00:00.000Z","ID":"CVE-2021-41531","STATE":"PUBLIC","TITLE":"Invalid RPKI data could disable Route Origin Validation on RTR clients."},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Routinator","version":{"version_data":[{"version_affected":"<=","version_value":"0.9.0"}]}}]},"vendor_name":"NLnet Labs"}]}},"credit":[{"lang":"eng","value":"We would like to thank Job Snijders for reporting the issue."}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA. This will lead to RTR clients such as routers to reject the RPKI data set, effectively disabling Route Origin Validation."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-1288: Improper Validation of Consistency within Input"}]}]},"references":{"reference_data":[{"name":"https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-41531.txt","refsource":"MISC","url":"https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-41531.txt"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T03:15:29.202Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-41531.txt"}]}]},"cveMetadata":{"assignerOrgId":"206fc3a0-e175-490b-9eaa-a5738056c9f6","assignerShortName":"NLnet Labs","cveId":"CVE-2021-41531","datePublished":"2021-09-21T13:23:17.982Z","dateReserved":"2021-09-20T00:00:00.000Z","dateUpdated":"2024-09-16T20:27:40.850Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}