Vulnerabilities > Free5Gc > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-22 | CVE-2023-49391 | Unspecified vulnerability in Free5Gc 3.3.0 An issue was discovered in free5GC version 3.3.0, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) on AMF component via crafted NGAP message. | 7.5 |
| 2023-11-15 | CVE-2023-47345 | Classic Buffer Overflow vulnerability in Free5Gc 3.3.0 Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero. | 7.5 |
| 2023-11-15 | CVE-2023-47347 | Classic Buffer Overflow vulnerability in Free5Gc 3.3.0 Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes. | 7.5 |
| 2023-11-13 | CVE-2023-47346 | Classic Buffer Overflow vulnerability in Free5Gc Free5Gc, SMF and UPF Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages. | 7.5 |
| 2023-10-23 | CVE-2023-46324 | Improper Verification of Cryptographic Signature vulnerability in Free5Gc UDM pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. | 7.5 |
| 2022-11-18 | CVE-2022-38871 | Resource Exhaustion vulnerability in Free5Gc 3.0.5 In Free5gc v3.0.5, the AMF breaks due to malformed NAS messages. | 7.5 |
| 2022-10-25 | CVE-2022-38870 | Missing Authentication for Critical Function vulnerability in Free5Gc 3.2.1 Free5gc v3.2.1 is vulnerable to Information disclosure. | 7.5 |