The CVE number for this vulnerability is CVE-2023-39915.

== Summary
Routinator may crash when trying to decode certain invalid RPKI objects.

== Affected products
Routinator up to and including 0.12.1.

== Description
Due to insufficient checking of input data in the decoding library bcder used
by Routinator, RPKI objects can be crafted that cause Routinator to crash. See
CVE-2023-39914 for these issues.

Routinator 0.12.2 has been released that depends on a fixed version of the
library.


== Solution
Install Routinator 0.12.2 or later.