CVE-2025-43972

Published April 21st, 2025

View on NVD ↗

CVSS v3

6.8

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.

osrg/gobgp

BGP implemented in the Go Programming Language

GitHub

4.06K