Known Vulnerabilities for products from FRRouting
Listed below are 20 of the newest known vulnerabilities associated with the vendor "FRRouting".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-37459 json | Not Provided | 2026-05-04 | 2026-05-04 | |
| CVE-2026-37458 json | Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated at... | Not Provided | 2026-05-04 | 2026-05-11 |
| CVE-2026-37457 json | Not Provided | 2026-05-01 | 2026-05-01 | |
| CVE-2026-28532 json | FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV ... | Not Provided | 2026-04-30 | 2026-05-01 |
| CVE-2026-5107 json | A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/... | Not Provided | 2026-03-30 | 2026-04-29 |
| CVE-2023-47235 json | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is ... | 7.5 - HIGH | 2023-11-03 | 2023-11-14 |
| CVE-2023-47234 json | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a... | 7.5 - HIGH | 2023-11-03 | 2023-11-14 |
| CVE-2023-46753 json | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory ... | 5.9 - MEDIUM | 2023-10-26 | 2023-11-09 |
| CVE-2023-46752 json | An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. | 5.9 - MEDIUM | 2023-10-26 | 2023-11-13 |
| CVE-2023-41909 json | An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requ... | 7.5 - HIGH | 2023-09-05 | 2023-11-15 |
| CVE-2023-41361 json | An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software v... | 9.8 - CRITICAL | 2023-08-29 | 2023-10-26 |
| CVE-2023-41360 json | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahe... | 9.1 - CRITICAL | 2023-08-29 | 2023-11-15 |
| CVE-2023-41359 json | An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.... | 9.1 - CRITICAL | 2023-08-29 | 2023-11-15 |
| CVE-2023-41358 json | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. | 7.5 - HIGH | 2023-08-29 | 2023-11-15 |
| CVE-2023-38802 json | FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BG... | 7.5 - HIGH | 2023-08-29 | 2023-11-15 |
| CVE-2023-38407 json | bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing. | 7.5 - HIGH | 2023-11-06 | 2023-11-14 |
| CVE-2023-38406 json | bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow." | 9.8 - CRITICAL | 2023-11-06 | 2023-11-14 |
| CVE-2023-31490 json | An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() fu... | 7.5 - HIGH | 2023-05-09 | 2023-12-21 |
| CVE-2023-31489 json | An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() ... | 5.5 - MEDIUM | 2023-05-09 | 2023-12-21 |
| CVE-2023-3748 json | A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue ... | 7.5 - HIGH | 2023-07-24 | 2023-11-07 |
Known software with vulnerabilities from FRRouting
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Frrouting | Frrouting | 2.0 |