{"vulnerability": "cve-2025-4397", "sightings": [{"uuid": "3a003872-9c68-4b7e-84c3-d10d56c476ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114373334403320705", "content": "", "creation_timestamp": "2025-04-21T01:23:04.540278Z"}, {"uuid": "281e90fb-679f-4be4-889e-247d2bd84b9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43970", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114373444529201097", "content": "", "creation_timestamp": "2025-04-21T01:51:05.011670Z"}, {"uuid": "27e837a7-b52c-4198-b6b1-50dfdd26156e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114373444529201097", "content": "", "creation_timestamp": "2025-04-21T01:51:05.107024Z"}, {"uuid": "1f57898a-6682-4b88-874b-3963020420ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43972", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114373444529201097", "content": "", "creation_timestamp": "2025-04-21T01:51:05.196560Z"}, {"uuid": "a7cf5c7f-883d-4779-877c-424fa4563cc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43973", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114373444529201097", "content": "", "creation_timestamp": "2025-04-21T01:51:05.283002Z"}, {"uuid": "6d67b87b-7175-4ad5-bf81-4ed32e224f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnc5oxslvy2y", "content": "", "creation_timestamp": "2025-04-21T02:49:15.920236Z"}, {"uuid": "1a866218-6d52-442b-b684-fd84c8d8b0b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43970", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnc5oxzlvn2d", "content": "", "creation_timestamp": "2025-04-21T02:49:17.053877Z"}, {"uuid": "5977a974-0f1c-4cc9-94d7-9b966de6539c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43973", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnc5oye3tx2l", "content": "", "creation_timestamp": "2025-04-21T02:49:18.837033Z"}, {"uuid": "fc30424e-4b19-4b19-94a4-eb568c0c495f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43972", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnc5oyldc72l", "content": "", "creation_timestamp": "2025-04-21T02:49:20.044154Z"}, {"uuid": "755b2f78-01b9-47c7-80c7-321b0aa904b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114373905754149226", "content": "", "creation_timestamp": "2025-04-21T03:48:23.139023Z"}, {"uuid": "9288df5c-5cb6-49d4-8465-00d4b7ae062f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lncua2rmbn2x", "content": "", "creation_timestamp": "2025-04-21T09:32:31.283789Z"}, {"uuid": "bf6ef30c-d557-4c44-86f4-9b283ecf2a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43970", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12628", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43970\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N)\n\ud83d\udd39 Description: An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g.. by ensuring that there are 12 bytes or 36 bytes (depending on the address family).\n\ud83d\udccf Published: 2025-04-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T00:56:31.591Z\n\ud83d\udd17 References:\n1. https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0\n2. https://github.com/osrg/gobgp/commit/5153bafbe8dbe1a2f02a70bbf0365e98b80e47b0", "creation_timestamp": "2025-04-21T01:02:22.000000Z"}, {"uuid": "96fa6d40-e08e-43d2-839e-fbc65e69e894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43973", "type": "seen", "source": "https://t.me/cvedetector/23430", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43973 - GoBGP Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43973 \nPublished : April 21, 2025, 1:15 a.m. | 2\u00a0hours, 15\u00a0minutes ago \nDescription : An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-21T06:26:58.000000Z"}, {"uuid": "04532b2b-3009-4668-a7bd-654a545f724a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43972", "type": "seen", "source": "https://t.me/cvedetector/23429", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43972 - GoBGP FlowSpec Parser Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-43972 \nPublished : April 21, 2025, 1:15 a.m. | 2\u00a0hours, 15\u00a0minutes ago \nDescription : An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-21T06:26:57.000000Z"}, {"uuid": "dfee5e49-b2d6-4af0-a2b3-65dc35424389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "seen", "source": "https://t.me/cvedetector/23428", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43971 - GoBGP Zero-Value Software Version Len Panic\", \n  \"Content\": \"CVE ID : CVE-2025-43971 \nPublished : April 21, 2025, 1:15 a.m. | 2\u00a0hours, 15\u00a0minutes ago \nDescription : An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-21T06:26:57.000000Z"}, {"uuid": "6e26d967-1217-4a1a-96ba-7ed989a69af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43970", "type": "seen", "source": "https://t.me/cvedetector/23427", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43970 - GoBGP MRT Length Validation Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-43970 \nPublished : April 21, 2025, 1:15 a.m. | 2\u00a0hours, 15\u00a0minutes ago \nDescription : An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family). \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-21T06:26:56.000000Z"}, {"uuid": "2420b18d-4145-40e3-a110-c029cbdf745d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "seen", "source": "https://gist.github.com/alon710/9fb7a6886103235822c39ed7b5c3e5a3", "content": "", "creation_timestamp": "2026-01-24T22:41:10.000000Z"}, {"uuid": "0416dc48-b78b-4a44-978b-d5ddabd8384c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12629", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43971\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.\n\ud83d\udccf Published: 2025-04-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T00:54:16.621Z\n\ud83d\udd17 References:\n1. https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0\n2. https://github.com/osrg/gobgp/commit/08a001e06d90e8bcc190084c66992f46f62c0986", "creation_timestamp": "2025-04-21T01:02:23.000000Z"}, {"uuid": "9f37ef18-3d70-4af7-969a-d4f28cefb5be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "seen", "source": "https://gist.github.com/alon710/15a2f8a376c5cf263bcd620fb46381e1", "content": "", "creation_timestamp": "2026-01-24T21:25:46.000000Z"}, {"uuid": "141ca0da-ceda-4051-bec9-045efe0bf2bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43973", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12631", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43973\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message.\n\ud83d\udccf Published: 2025-04-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T00:54:05.030Z\n\ud83d\udd17 References:\n1. https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0\n2. https://github.com/osrg/gobgp/commit/5693c58a4815cc6327b8d3b6980f0e5aced28abe", "creation_timestamp": "2025-04-21T01:02:24.000000Z"}, {"uuid": "5ae086fb-1543-4b09-a74f-4df7cb4805f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43972", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12630", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43972\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.\n\ud83d\udccf Published: 2025-04-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T00:54:10.879Z\n\ud83d\udd17 References:\n1. https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0\n2. https://github.com/osrg/gobgp/commit/ca7383f450f7b296c5389feceef2467de5ab6e5a", "creation_timestamp": "2025-04-21T01:02:23.000000Z"}, {"uuid": "c6f55479-7cf4-4024-b245-19bf4887460c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43971", "type": "published-proof-of-concept", "source": "Telegram/T2g6_1_ZiLuhwu7lQEMVz3_DCgHNfUc1G3N794hMq4sJtZg", "content": "", "creation_timestamp": "2025-04-21T05:30:28.000000Z"}]}