Filtered by vendor Open5gs
Subscriptions
Filtered by product Open5gs
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-50019 | 1 Open5gs | 1 Open5gs | 2024-08-02 | 5.9 Medium |
| An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of Nudm_UECM_Registration response. | ||||
| CVE-2023-50020 | 1 Open5gs | 1 Open5gs | 2024-08-02 | 7.5 High |
| An issue was discovered in open5gs v2.6.6. SIGPIPE can be used to crash AMF. | ||||
| CVE-2023-23846 | 1 Open5gs | 1 Open5gs | 2024-08-02 | 7.5 High |
| Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop. The affected process becomes immediately unresponsive, resulting in denial of service and excessive resource consumption. CVSS3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C | ||||
| CVE-2024-33382 | 1 Open5gs | 1 Open5gs | 2024-08-02 | N/A |
| An issue in Open5GS v.2.7.0 allows an attacker to cause a denial of service via the 64 unsuccessful UE/gnb registration | ||||