CVE-2026-5122 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP…
Medium CVSS: 6.3

CVE-2026-5122

A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP OPEN Message Handler. Performing a manipulation of the argument domainNameLen results in improper access controls. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The patch is named 2b09db390a3d455808363c53e409afe6b1b86d2d. It is suggested to install a patch to address this issue.
Vendor
-
Product
-
CWE
CWE-266
Yayın Tarihi
2026-03-30 15:16:35
Güncelleme
2026-04-01 14:24:21
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-266 MEDIUM 2026

Referanslar

https://github.com/osrg/gobgp/ https://github.com/osrg/gobgp/commit/2b09db390a3d455808363c53e409afe6b1b86d2d https://github.com/osrg/gobgp/pull/3343 https://vuldb.com/submit/780124 https://vuldb.com/vuln/354154 https://vuldb.com/vuln/354154/cti