Описание
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.35.0-1 |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | released | 3.23.0-1ubuntu0.3+esm2 |
| focal | ignored | end of standard support, was needs-triage |
| jammy | not-affected | code not present |
| noble | needed | |
| oracular | ignored | end of life, was needed |
| plucky | not-affected | 3.35.0-1 |
Показывать по
10
8.6 High
CVSS3
Связанные уязвимости
CVSS3: 8.6
nvd
9 месяцев назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
CVSS3: 8.6
debian
9 месяцев назад
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go ...
CVSS3: 8.6
github
9 месяцев назад
GoBGP panics due to a zero value for softwareVersionLen
CVSS3: 8.6
fstec
9 месяцев назад
Уязвимость компонента pkg/packet/bgp/bgp.go реализации протокола BGP (Border Gateway Protocol) GoBGP, позволяющая нарушителю вызвать отказ в обслуживании
8.6 High
CVSS3