{"schema_version":"1.3.1","id":"GO-2025-3630","modified":"2025-04-22T18:16:40Z","published":"2025-04-22T18:16:40Z","aliases":["CVE-2025-43970","GHSA-hqhq-hp5x-xp3w"],"summary":"GoBGP does not properly check the input length in github.com/osrg/gobgp","details":"GoBGP does not properly check the input length in github.com/osrg/gobgp","affected":[{"package":{"name":"github.com/osrg/gobgp","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{}},{"package":{"name":"github.com/osrg/gobgp/v3","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"3.35.0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/osrg/gobgp/v3/pkg/packet/mrt","symbols":["BGP4MPHeader.decodeFromBytes"]}]}}],"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-hqhq-hp5x-xp3w"},{"type":"FIX","url":"https://github.com/osrg/gobgp/commit/5153bafbe8dbe1a2f02a70bbf0365e98b80e47b0"},{"type":"WEB","url":"https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2025-3630","review_status":"REVIEWED"}}