Описание
GoBGP panics due to a zero value for softwareVersionLen
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
Пакеты
Наименование
github.com/osrg/gobgp
go
Затронутые версииВерсия исправления
Отсутствует
Наименование
github.com/osrg/gobgp/v3
go
Затронутые версииВерсия исправления
< 3.35.0
3.35.0
Связанные уязвимости
CVSS3: 8.6
ubuntu
2 месяца назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
CVSS3: 8.6
nvd
2 месяца назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
CVSS3: 8.6
debian
2 месяца назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go ...