
838 matches found

OSV
added 2023/11/06 6:15 a.m., 26 views

CVE-2023-38406

bgpd/bgp_flowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

CVSS 9.8, AI score 7.1
Exploits: 0, References: 4
OSV
added 2023/11/06 6:15 a.m., 1 view

DEBIAN-CVE-2023-38407

bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...

CVSS 7.5, AI score 7.6, EPSS 0.00931
Exploits: 0, References: 1
UbuntuCve
added 2023/11/06 6:15 a.m., 25 views

CVE-2023-38407

bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...

CVSS 7.5, AI score 7.1, EPSS 0.00931
Exploits: 0, References: 4
Prion
added 2023/11/06 6:15 a.m., 21 views

Buffer overflow

bgpd/bgp_flowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

CVSS 7.5, AI score 7, EPSS 0.00939
Exploits: 0, References: 2, Affected Software: 1
UbuntuCve
added 2023/11/06 6:15 a.m., 15 views

CVE-2023-38406

bgpd/bgp_flowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

CVSS 9.8, AI score 7.1, EPSS 0.00939
Exploits: 0, References: 4
OSV
added 2023/11/06 6:15 a.m., 5 views

UBUNTU-CVE-2023-38406

bgpd/bgp_flowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

CVSS 9.8, AI score 7.2, EPSS 0.00939
Exploits: 0, References: 5
Prion
added 2023/11/06 6:15 a.m., 14 views

Stack overflow

bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...

CVSS 5, AI score 6.9, EPSS 0.00931
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2023/11/06 6:15 a.m., 7 views

UBUNTU-CVE-2023-38407

bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...

CVSS 7.5, AI score 7.3, EPSS 0.00931
Exploits: 0, References: 5
CNNVD
added 2023/11/06 12:0 a.m., 3 views

FRRouting Security Vulnerabilities

FRRouting is an open source network routing software suite from the FRRouting Project that runs on Unix-like platforms. A security vulnerability exists in FRRouting FRR versions prior to 8.5 that stems from an attempt to read beyond the end of the stream during parsing...

CVSS 7.5, AI score 6.7, EPSS 0.00931
Exploits: 0, References: 4
Cvelist
added 2023/11/06 12:0 a.m., 17 views

CVE-2023-38406

bgpd/bgp_flowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

AI score 9.6, EPSS 0.00939
Exploits: 0, References: 3
CVE
added 2023/11/06 12:0 a.m., 127 views

CVE-2023-38406

CVE-2023-38406 affects FRRouting (FRR) in bgpd/bgp_flowspec.c, where an nlri length of zero leads to a flowspec overflow. Public references show FRR releases before 8.4.3 are vulnerable; a fix is provided in FRR 8.4.3 and later (up to 8.5.x per advisories). The vulnerability can enable a high-sev...

CVSS 9.8, AI score 9.2, EPSS 0.00939
Exploits: 0, References: 4, Affected Software: 1
CVE
added 2023/11/06 12:0 a.m., 106 views

CVE-2023-38407

CVE-2023-38407 affects FRRouting (FRR): in bgpd/bgp_label.c, FRR before 8.5 may read beyond the end of the stream while parsing labeled unicast. Multiple Nessus-based advisories reference this exact issue in FRR, with fixes applied in FRR 8.5+ (e.g., as part of downstream advisories for MiracleLi...

CVSS 7.5, AI score 7.2, EPSS 0.00931
Exploits: 0, References: 5, Affected Software: 1
Vulnrichment
added 2023/11/06 12:0 a.m., 24 views

CVE-2023-38407

bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...

AI score 6.5, EPSS 0.00931
Exploits: 0, References: 4
Debian CVE
added 2023/11/06 12:0 a.m., 20 views

CVE-2023-38407

bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...

CVSS 7.5, AI score 7.4, EPSS 0.00931
Exploits: 0
Debian CVE
added 2023/11/06 12:0 a.m., 24 views

CVE-2023-38406

bgpd/bgp_flowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

CVSS 9.8, AI score 8.6, EPSS 0.00939
Exploits: 0
Vulnrichment
added 2023/11/06 12:0 a.m., 18 views

CVE-2023-38406

bgpd/bgp_flowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

AI score 7.1, EPSS 0.00939
Exploits: 0, References: 3
Cvelist
added 2023/11/06 12:0 a.m., 17 views

CVE-2023-38407

bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...

AI score 8.6, EPSS 0.00931
Exploits: 0, References: 4
NVD
added 2023/11/03 9:15 p.m., 15 views

CVE-2023-47235

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome...

CVSS 7.5, AI score 8.4, EPSS 0.00685
Exploits: 0, References: 3
NVD
added 2023/11/03 9:15 p.m., 16 views

CVE-2023-47234

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes...

CVSS 7.5, AI score 8.3, EPSS 0.00911
Exploits: 0, References: 3
OSV
added 2023/11/03 9:15 p.m., 1 view

DEBIAN-CVE-2023-47235

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome...

CVSS 7.5, AI score 7.6, EPSS 0.00685
Exploits: 0, References: 1