Moderate severityNVD Advisory· Published Nov 24, 2025· Updated Nov 24, 2025
CVE-2025-60633
CVE-2025-60633
Description
An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via the Nudm_SubscriberDataManagement API.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/free5gc/udmGo | <= 1.4.0 | — |
github.com/free5gc/openapiGo | < 1.2.2 | 1.2.2 |
Affected products
4- ghsa-coords3 versionspkg:golang/github.com/free5gc/openapipkg:golang/github.com/free5gc/udmpkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6
< 1.2.2+ 2 more
- (no CPE)range: < 1.2.2
- (no CPE)range: <= 1.4.0
- (no CPE)range: < 0.0.20251230T014957-150000.1.134.1
Patches
Vulnerability mechanics
References
14- github.com/advisories/GHSA-3j9f-7w24-pcqgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-60633ghsaADVISORY
- github.com/free5gc/free5gc/issues/700ghsaWEB
- github.com/free5gc/free5gc/issues/701ghsaWEB
- github.com/free5gc/free5gc/issues/702ghsaWEB
- github.com/free5gc/free5gc/issues/703ghsaWEB
- github.com/free5gc/openapi/commit/d50c83e8fe7ebf9a62d9de99517e21a17f627b52ghsaWEB
- github.com/free5gc/openapi/pull/65ghsaWEB
- github.com/free5gc/udm/commit/57c56a3ad4bc53a62cab259045e78ec9abdb98caghsaWEB
- github.com/free5gc/udm/commit/ca9976857909a422dcff5bf2228756fc2bfc80d1ghsaWEB
- github.com/free5gc/udm/commit/e776c42177817f75e75e7a587c58c2a027beed81ghsaWEB
- github.com/free5gc/udm/pull/63ghsaWEB
- github.com/free5gc/udm/pull/65ghsaWEB
- github.com/free5gc/udm/pull/66ghsaWEB
News mentions
0No linked articles in our index yet.