Vulnerabilities > Open5Gs > Open5Gs > 2.4.11

DATE CVE VULNERABILITY TITLE RISK
2023-02-01 CVE-2023-23846 Allocation of Resources Without Limits or Throttling vulnerability in Open5Gs
Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop.
network
low complexity
open5gs CWE-770
7.5
7.5
2022-11-01 CVE-2022-43221 Memory Leak vulnerability in Open5Gs 2.4.11
open5gs v2.4.11 was discovered to contain a memory leak in the component src/upf/pfcp-path.c.
network
low complexity
open5gs CWE-401
7.5
7.5
2022-11-01 CVE-2022-43222 Memory Leak vulnerability in Open5Gs 2.4.11
open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c.
network
low complexity
open5gs CWE-401
7.5
7.5
2022-11-01 CVE-2022-43223 Memory Leak vulnerability in Open5Gs 2.4.11
open5gs v2.4.11 was discovered to contain a memory leak in the component ngap-handler.c.
network
low complexity
open5gs CWE-401
7.5
7.5