Free5gc
by Free5gc
Source repositories
CVEs (67)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-49391 | 0.00 | — | 0.01 | Dec 22, 2023 | An issue was discovered in free5GC version 3.3.0, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) on AMF component via crafted NGAP message. | |||
| CVE-2023-47025 | 0.00 | — | 0.00 | Nov 16, 2023 | An issue in Free5gc v.3.3.0 allows a local attacker to cause a denial of service via the free5gc-compose component. | |||
| CVE-2023-47345 | 0.00 | — | 0.01 | Nov 15, 2023 | Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero. | |||
| CVE-2023-47347 | 0.00 | — | 0.01 | Nov 15, 2023 | Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes. | |||
| CVE-2023-47346 | 0.00 | — | 0.01 | Nov 13, 2023 | Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages. | |||
| CVE-2022-38871 | 0.00 | — | 0.01 | Nov 18, 2022 | In Free5gc v3.0.5, the AMF breaks due to malformed NAS messages. | |||
| CVE-2022-43677 | 0.00 | — | 0.01 | Oct 24, 2022 | In free5GC 3.2.1, a malformed NGAP message can crash the AMF and NGAP decoders via an index-out-of-range panic in aper.GetBitString. |
- CVE-2023-49391Dec 22, 2023risk 0.00cvss —epss 0.01
An issue was discovered in free5GC version 3.3.0, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) on AMF component via crafted NGAP message.
- CVE-2023-47025Nov 16, 2023risk 0.00cvss —epss 0.00
An issue in Free5gc v.3.3.0 allows a local attacker to cause a denial of service via the free5gc-compose component.
- CVE-2023-47345Nov 15, 2023risk 0.00cvss —epss 0.01
Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero.
- CVE-2023-47347Nov 15, 2023risk 0.00cvss —epss 0.01
Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes.
- CVE-2023-47346Nov 13, 2023risk 0.00cvss —epss 0.01
Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages.
- CVE-2022-38871Nov 18, 2022risk 0.00cvss —epss 0.01
In Free5gc v3.0.5, the AMF breaks due to malformed NAS messages.
- CVE-2022-43677Oct 24, 2022risk 0.00cvss —epss 0.01
In free5GC 3.2.1, a malformed NGAP message can crash the AMF and NGAP decoders via an index-out-of-range panic in aper.GetBitString.
Page 4 of 4