CVE-2025-43970 — Vulnetix

CVE-2025-43970 PUBLISHED CVSS 4.300000190734863 MEDIUM

GoBGP does not properly check the input length

EPSS 0.01% · 2.6th percentile

Risk Scores

CVSS 3.1

4.300000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

EPSS Score

0.01%

2.6th percentile

Affected Products

Vendor	Product	Versions
GoBGP	GoBGP	0, 0
github.com	osrg/gobgp	0, 0
osrg	gobgp	0, 0
github.com	osrg/gobgp/v3	0, 0

Exploit Intelligence

CIRCL seen: CVE-2025-43970 (circl-sighting)
CIRCL seen: CVE-2025-43970 (circl-sighting)
CIRCL seen: CVE-2025-43970 (circl-sighting)
CIRCL published-proof-of-concept: CVE-2025-43970 (circl-sighting)
https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0 (circl)
https://github.com/osrg/gobgp/commit/5153bafbe8dbe1a2f02a70bbf0365e98b80e47b0 (circl)

Timeline

Apr 21, 2025 CVE Published
Apr 21, 2025 EPSS Score
Apr 21, 2025 Coalition ESS Score
Apr 21, 2025 PoC Published
Apr 21, 2025 PoC Published
Apr 21, 2025 PoC Published
Apr 21, 2025 PoC Published
May 3, 2025 EPSS Score
May 8, 2025 Coalition ESS Score
May 15, 2025 EPSS Score
May 28, 2025 EPSS Score
Jun 9, 2025 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›