Vulnerability Database

309,587

Total vulnerabilities in the database

CVE-2025-43973

An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message.

Published: Apr 21, 2025
Updated: Nov 24, 2025
CVE: CVE-2025-43973
GHSA: GHSA-c5jg-wr5v-2wp2
Severity: Medium
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

CWEs:

CWE-193

Affected Software
References

Software	From	Fixed in
github.com/osrg/gobgp	-	-
github.com/osrg/gobgp/v3	-	3.35.0
osrg / gobgp	-	3.35.0

https://github.com/osrg/gobgp/commit/5693c58a4815cc6327b8d3b6980f0e5aced28abe
https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo