Filtered by vendor Free5gc
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46324 | 2 Free5gc, Golang | 2 Udm, Go | 2024-01-09 | N/A | 7.5 HIGH |
| pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its private key and the attacker's public key. | |||||
| CVE-2023-49391 | 1 Free5gc | 1 Free5gc | 2024-01-03 | N/A | 7.5 HIGH |
| An issue was discovered in free5GC version 3.3.0, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) on AMF component via crafted NGAP message. | |||||
| CVE-2023-47347 | 1 Free5gc | 1 Free5gc | 2023-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes. | |||||
| CVE-2023-47345 | 1 Free5gc | 1 Free5gc | 2023-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero. | |||||
| CVE-2023-47346 | 1 Free5gc | 3 Free5gc, Smf, Upf | 2023-11-20 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages. | |||||