{"uuid": "bf6ef30c-d557-4c44-86f4-9b283ecf2a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43970", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12628", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43970\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N)\n\ud83d\udd39 Description: An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g.. by ensuring that there are 12 bytes or 36 bytes (depending on the address family).\n\ud83d\udccf Published: 2025-04-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T00:56:31.591Z\n\ud83d\udd17 References:\n1. https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0\n2. https://github.com/osrg/gobgp/commit/5153bafbe8dbe1a2f02a70bbf0365e98b80e47b0", "creation_timestamp": "2025-04-21T01:02:22.000000Z"}