CVE-2025-43971

Опубликовано: 21 апр. 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 8.6

Описание

An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.

Релиз	Статус	Примечание
devel	not-affected	3.35.0-1
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
focal	ignored	end of standard support, was needs-triage
jammy	needs-triage
noble	needs-triage
oracular	needs-triage
plucky	not-affected	3.35.0-1

Показывать по

EPSS

Процентиль: 18%

0.00057

Низкий

8.6 High

CVSS3

CVE-2025-43971

CVSS3: 8.6

nvd

2 месяца назад

An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.

CVE-2025-43971

CVSS3: 8.6

debian

2 месяца назад

An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go ...

GHSA-7m35-vw2c-696v

CVSS3: 8.6

github

2 месяца назад

GoBGP panics due to a zero value for softwareVersionLen

EPSS

Процентиль: 18%

0.00057

Низкий

8.6 High

CVSS3