Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-7464

A vulnerability classified as problematic has been found in osrg GoBGP up to 3.37.0. Affected is the function SplitRTR of the file pkg/packet/rtr/rtr.go. The manipulation leads to out-of-bounds read. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The name of the patch is e748f43496d74946d14fed85c776452e47b99d64. It is recommended to apply a patch to fix this issue.

Published

2025-07-12T07:15:22.950

Last Modified

2025-07-15T13:14:49.980

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 3.7 (LOW)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

4.9

Impact Score

2.9

Weaknesses

Type: Primary
CWE-119
CWE-125

Affected Vendors & Products

References

https://github.com/osrg/gobgp/commit/e748f43496d74946d14fed85c776452e47b99d64 ([email protected])
https://vuldb.com/?ctiid.316116 ([email protected])
https://vuldb.com/?id.316116 ([email protected])
https://vuldb.com/?submit.610193 ([email protected])