Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frrouting frrouting vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-38406
bgpd/bgp_flowspec.c in FRRouting (FRR) prior to 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
Frrouting Frrouting
9.8
CVSSv3
CVE-2023-41361
An issue exists in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.
Frrouting Frrouting
Debian Debian Linux 10.0
9.1
CVSSv3
CVE-2023-41359
An issue exists in FRRouting FRR up to and including 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
Frrouting Frrouting
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.1
CVSSv3
CVE-2023-41360
An issue exists in FRRouting FRR up to and including 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.
Frrouting Frrouting
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.1
CVSSv3
CVE-2022-37032
An out-of-bounds read in the BGP daemon of FRRouting FRR prior to 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.1
CVSSv3
CVE-2022-37035
An issue exists in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. ...
Frrouting Frrouting 8.3
7.8
CVSSv3
CVE-2022-26126
Buffer overflow vulnerabilities exist in FRRouting up to and including 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.
Frrouting Frrouting
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.8
CVSSv3
CVE-2022-26125
Buffer overflow vulnerabilities exist in FRRouting up to and including 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.
Frrouting Frrouting
7.8
CVSSv3
CVE-2022-26129
Buffer overflow vulnerabilities exist in FRRouting up to and including 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c.
Frrouting Frrouting
7.8
CVSSv3
CVE-2022-26127
A buffer overflow vulnerability exists in FRRouting up to and including 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c.
Frrouting Frrouting
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »