Vulnerabilities > Open5Gs

DATE CVE VULNERABILITY TITLE RISK
2022-11-01 CVE-2022-43222 Memory Leak vulnerability in Open5Gs 2.4.11
open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c.
network
low complexity
open5gs CWE-401
7.5
2022-11-01 CVE-2022-43223 Memory Leak vulnerability in Open5Gs 2.4.11
open5gs v2.4.11 was discovered to contain a memory leak in the component ngap-handler.c.
network
low complexity
open5gs CWE-401
7.5
2022-09-29 CVE-2022-40890 Improper Resource Shutdown or Release vulnerability in Open5Gs
A vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and earlier leads to AMF denial of service.
network
low complexity
open5gs CWE-404
7.5
2022-09-28 CVE-2022-3354 Unspecified vulnerability in Open5Gs
A vulnerability has been found in Open5GS up to 2.4.10 and classified as problematic.
network
low complexity
open5gs
7.5
2022-09-26 CVE-2022-3299 Unspecified vulnerability in Open5Gs
A vulnerability was found in Open5GS up to 2.4.10.
network
low complexity
open5gs
6.5
2022-09-16 CVE-2022-39063 Unspecified vulnerability in Open5Gs
When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response.
network
low complexity
open5gs
7.5
2022-04-05 CVE-2021-44108 NULL Pointer Dereference vulnerability in Open5Gs
A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf.
network
low complexity
open5gs CWE-476
7.5
2022-04-05 CVE-2021-44109 Out-of-bounds Write vulnerability in Open5Gs
A buffer overflow in lib/sbi/message.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request.
network
low complexity
open5gs CWE-787
7.5
2022-03-29 CVE-2021-44081 Out-of-bounds Write vulnerability in Open5Gs 2.1.4
A buffer overflow vulnerability exists in the AMF of open5gs 2.1.4.
network
low complexity
open5gs CWE-787
7.5
2021-12-23 CVE-2021-45462 Improper Validation of Specified Quantity in Input vulnerability in Open5Gs 2.4.0
In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF.
network
low complexity
open5gs CWE-1284
7.5