Vulnerabilities > Open5Gs > Open5Gs > 2.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-03 | CVE-2023-4882 | Improper Resource Shutdown or Release vulnerability in Open5Gs DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. | 7.5 |
| 2023-10-03 | CVE-2023-4883 | Release of Invalid Pointer or Reference vulnerability in Open5Gs Invalid pointer release vulnerability. | 7.5 |
| 2023-10-03 | CVE-2023-4884 | Missing Authentication for Critical Function vulnerability in Open5Gs An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication. | 7.5 |
| 2023-10-03 | CVE-2023-4885 | Unspecified vulnerability in Open5Gs Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information. | 5.9 |
| 2023-02-01 | CVE-2023-23846 | Allocation of Resources Without Limits or Throttling vulnerability in Open5Gs Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop. | 7.5 |
| 2022-09-29 | CVE-2022-40890 | Improper Resource Shutdown or Release vulnerability in Open5Gs A vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and earlier leads to AMF denial of service. | 7.5 |
| 2022-09-28 | CVE-2022-3354 | Improper Resource Shutdown or Release vulnerability in Open5Gs A vulnerability has been found in Open5GS up to 2.4.10 and classified as problematic. | 7.5 |
| 2022-04-05 | CVE-2021-44108 | NULL Pointer Dereference vulnerability in Open5Gs A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf. | 5.0 |
| 2022-04-05 | CVE-2021-44109 | Out-of-bounds Write vulnerability in Open5Gs A buffer overflow in lib/sbi/message.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request. | 5.0 |
| 2022-03-29 | CVE-2021-44081 | Out-of-bounds Write vulnerability in Open5Gs 2.1.4 A buffer overflow vulnerability exists in the AMF of open5gs 2.1.4. | 5.0 |