Vulnerabilities > Free5Gc > UDM

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-23	CVE-2023-46324	Improper Verification of Cryptographic Signature vulnerability in Free5Gc UDM pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. network low complexity free5gc CWE-347	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.