Gobgp@* Security Vulnerabilities and Issues — Gobgp@* CVE List

Lucene search

OsrgGobgp*

4 matches found

CVE•added 2025/04/21 1:15 a.m.•190 views

CVE-2025-43973

An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message.

9.8CVSS6.5AI score0.00023EPSS

CVE•added 2025/04/21 1:15 a.m.•157 views

CVE-2025-43971

An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.

8.6CVSS6.5AI score0.00019EPSS

CVE•added 2025/04/21 1:15 a.m.•156 views

CVE-2025-43972

An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.

7.5CVSS6.6AI score0.00028EPSS

CVE•added 2025/04/21 1:15 a.m.•149 views

CVE-2025-43970

An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).

5.3CVSS4.6AI score0.00022EPSS