Описание
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.35.0-1 |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | needed | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | not-affected | code not present |
| noble | needed | |
| oracular | needed | |
| plucky | not-affected | 3.35.0-1 |
Показывать по
10
EPSS
Процентиль: 4%
0.00022
Низкий
8.6 High
CVSS3
Связанные уязвимости
CVSS3: 8.6
nvd
5 месяцев назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
CVSS3: 8.6
debian
5 месяцев назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go ...
CVSS3: 8.6
github
5 месяцев назад
GoBGP panics due to a zero value for softwareVersionLen
EPSS
Процентиль: 4%
0.00022
Низкий
8.6 High
CVSS3