Home > Vulnerability Database > CVE-2025-0638

Mend.io Vulnerability Database

CVE-2025-0638

Good to know:

Date: January 22, 2025

The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked when encountering illegal characters, resulting in a crash of Routinator.

Severity Score

7.5

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-0638

Url: https://www.nlnetlabs.nl/downloads/routinator/CVE-2025-0638.txt

Url: https://www.mend.io/vulnerability-database/CVE-2025-0638

Severity Score

7.5

Weakness Type (CWE)

Improper Validation of Syntactic Correctness of Input

CWE-1286

Top Fix

Upgrade Version

Upgrade to version rpki - 0.18.5

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-0638

Good to know:

Date: January 22, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?