Описание
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).
Уязвимые конфигурации
Конфигурация 1Версия до 3.35.0 (исключая)
cpe:2.3:a:osrg:gobgp:*:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.00025
Низкий
4.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-1284
CWE-1284
Связанные уязвимости
CVSS3: 4.3
ubuntu
5 месяцев назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).
CVSS3: 4.3
debian
5 месяцев назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go ...
CVSS3: 4.3
fstec
5 месяцев назад
Уязвимость компонента pkg/packet/mrt/mrt.go реализации протокола BGP (Border Gateway Protocol) GoBGP, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 5%
0.00025
Низкий
4.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-1284
CWE-1284