VYPR

Go modules package

github.com/free5gc/nrf

pkg:golang/github.com/free5gc/nrf

Vulnerabilities (2)

  • CVE-2026-44325HigMay 27, 2026
    affected < 1.4.3fixed 1.4.3

    free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NRF root SBI endpoint POST /oauth2/token contains a parser-level type-confusion bug family. The handler in NFs/nrf/internal/sbi/api_accesstoken.go reflects over models.NrfAccessTokenAccessT

  • CVE-2026-33062Mar 20, 2026
    affected < 1.4.2fixed 1.4.2

    free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The `EncodeGroupId` function attempts to access arra