Browse all 4 CVE security advisories affecting GoBGP. AI-powered Chinese analysis, POCs, and references for each vulnerability.
GoBGP serves as an open-source BGP implementation for network automation and routing policy management, commonly used in cloud and telecom environments. Historically, it has been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws due to input validation weaknesses and insecure default configurations. The project maintains four CVE records, with notable issues including buffer overflows in route processing and authentication bypass vulnerabilities. While no major public incidents have been widely reported, its exposure to internet-facing protocols makes it a potential attack vector for network hijacking or denial-of-service scenarios. Regular updates and proper hardening are recommended for production deployments.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-43971 | GoBGP security vulnerability — GoBGP CWE-193 | 8.6 | High | 2025-04-21 |
| CVE-2025-43970 | GoBGP security vulnerability — GoBGP CWE-1284 | 4.3 | Medium | 2025-04-21 |
| CVE-2025-43973 | GoBGP security vulnerability — GoBGP CWE-193 | 6.8 | Medium | 2025-04-21 |
| CVE-2025-43972 | GoBGP security vulnerability — GoBGP CWE-1284 | 6.8 | Medium | 2025-04-21 |

This page lists every published CVE security advisory associated with GoBGP. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.