| CVE-2026-7737 |
high |
7.5 |
7.5 |
|
|
|
26d ago |
GoBGP has Improper Restriction of Operations within the Bounds of a Memory Buffer |
| CVE-2026-30405 |
unknown |
— |
— |
|
|
|
2mo ago |
An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXT_HOP path attribute |
| CVE-2025-43972 |
unknown |
— |
— |
|
|
|
1y ago |
An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context. |
| CVE-2025-43973 |
unknown |
— |
— |
|
|
|
1y ago |
An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message. |
| CVE-2025-43970 |
unknown |
— |
— |
|
|
|
1y ago |
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family). |
| CVE-2025-43971 |
unknown |
— |
— |
|
|
|
1y ago |
An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen. |