Описание
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
Уязвимые конфигурации
Конфигурация 1Версия до 3.35.0 (исключая)
cpe:2.3:a:osrg:gobgp:*:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00057
Низкий
8.6 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-193
CWE-193
Связанные уязвимости
CVSS3: 8.6
ubuntu
2 месяца назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
CVSS3: 8.6
debian
2 месяца назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go ...
CVSS3: 8.6
github
2 месяца назад
GoBGP panics due to a zero value for softwareVersionLen
EPSS
Процентиль: 18%
0.00057
Низкий
8.6 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-193
CWE-193