Open5gs

Open5gs

116 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2023-4885

  • EPSS 0.07%
  • Veröffentlicht 03.10.2023 15:15:40
  • Zuletzt bearbeitet 21.11.2024 08:36:11

Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information.

7.5

CVE-2023-23846

  • EPSS 0.51%
  • Veröffentlicht 01.02.2023 03:15:08
  • Zuletzt bearbeitet 27.03.2025 14:15:20

Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zer...

7.5

CVE-2022-43221

Exploit
  • EPSS 0.32%
  • Veröffentlicht 01.11.2022 14:15:15
  • Zuletzt bearbeitet 02.05.2025 22:15:16

open5gs v2.4.11 was discovered to contain a memory leak in the component src/upf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet.

7.5

CVE-2022-43222

Exploit
  • EPSS 0.32%
  • Veröffentlicht 01.11.2022 14:15:15
  • Zuletzt bearbeitet 02.05.2025 22:15:16

open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet.

7.5

CVE-2022-43223

Exploit
  • EPSS 0.32%
  • Veröffentlicht 01.11.2022 14:15:15
  • Zuletzt bearbeitet 02.05.2025 21:15:19

open5gs v2.4.11 was discovered to contain a memory leak in the component ngap-handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted UE attachment.

7.5

CVE-2022-40890

Exploit
  • EPSS 0.43%
  • Veröffentlicht 29.09.2022 13:15:11
  • Zuletzt bearbeitet 21.05.2025 14:15:25

A vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and earlier leads to AMF denial of service.

7.5

CVE-2022-3354

Exploit
  • EPSS 0.39%
  • Veröffentlicht 28.09.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:19:21

A vulnerability has been found in Open5GS up to 2.4.10 and classified as problematic. This vulnerability affects unknown code in the library lib/core/ogs-tlv-msg.c of the component UDP Packet Handler. The manipulation leads to denial of service. The ...

6.5

CVE-2022-3299

Exploit
  • EPSS 0.36%
  • Veröffentlicht 26.09.2022 13:15:11
  • Zuletzt bearbeitet 21.11.2024 07:19:14

A vulnerability was found in Open5GS up to 2.4.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library lib/sbi/client.c of the component AMF. The manipulation leads to denial of service. The ...

7.5

CVE-2022-39063

Exploit
  • EPSS 0.62%
  • Veröffentlicht 16.09.2022 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:17:28

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to copy data fr...

7.5

CVE-2021-44108

Exploit
  • EPSS 0.56%
  • Veröffentlicht 05.04.2022 02:15:06
  • Zuletzt bearbeitet 21.11.2024 06:30:22

A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf.