Known Vulnerabilities for products from FRRouting
Listed below are 20 of the newest known vulnerabilities associated with the vendor "FRRouting".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-5107 json | Not Provided | 2026-03-30 | 2026-03-30 | |
| CVE-2023-47235 json | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is ... | 7.5 - HIGH | 2023-11-03 | 2023-11-14 |
| CVE-2023-47234 json | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a... | 7.5 - HIGH | 2023-11-03 | 2023-11-14 |
| CVE-2023-46753 json | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory ... | 5.9 - MEDIUM | 2023-10-26 | 2023-11-09 |
| CVE-2023-46752 json | An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. | 5.9 - MEDIUM | 2023-10-26 | 2023-11-13 |
| CVE-2023-41909 json | An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requ... | 7.5 - HIGH | 2023-09-05 | 2023-11-15 |
| CVE-2023-41361 json | An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software v... | 9.8 - CRITICAL | 2023-08-29 | 2023-10-26 |
| CVE-2023-41360 json | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahe... | 9.1 - CRITICAL | 2023-08-29 | 2023-11-15 |
| CVE-2023-41359 json | An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.... | 9.1 - CRITICAL | 2023-08-29 | 2023-11-15 |
| CVE-2023-41358 json | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. | 7.5 - HIGH | 2023-08-29 | 2023-11-15 |
| CVE-2023-38802 json | FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BG... | 7.5 - HIGH | 2023-08-29 | 2023-11-15 |
| CVE-2023-38407 json | bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing. | 7.5 - HIGH | 2023-11-06 | 2023-11-14 |
| CVE-2023-38406 json | bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow." | 9.8 - CRITICAL | 2023-11-06 | 2023-11-14 |
| CVE-2023-31490 json | An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() fu... | 7.5 - HIGH | 2023-05-09 | 2023-12-21 |
| CVE-2023-31489 json | An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() ... | 5.5 - MEDIUM | 2023-05-09 | 2023-12-21 |
| CVE-2023-3748 json | A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue ... | 7.5 - HIGH | 2023-07-24 | 2023-11-07 |
| CVE-2022-43681 json | An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that e... | 6.5 - MEDIUM | 2023-05-03 | 2023-09-19 |
| CVE-2022-40318 json | An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (E... | 6.5 - MEDIUM | 2023-05-03 | 2023-09-19 |
| CVE-2022-40302 json | An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (E... | 6.5 - MEDIUM | 2023-05-03 | 2024-02-01 |
| CVE-2022-37035 json | An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet... | 8.1 - HIGH | 2022-08-02 | 2022-08-10 |
Known software with vulnerabilities from FRRouting
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Frrouting | Frrouting | 2.0 |