Vulnerabilities > Open5Gs > High

DATE CVE VULNERABILITY TITLE RISK
2025-01-21 CVE-2024-24427 Reachable Assertion vulnerability in Open5Gs
A reachable assertion in the amf_ue_set_suci function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
network
low complexity
open5gs CWE-617
7.5
7.5
2025-01-21 CVE-2024-24428 Reachable Assertion vulnerability in Open5Gs
A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.
network
low complexity
open5gs CWE-617
7.5
7.5
2024-01-02 CVE-2023-50020 Resource Exhaustion vulnerability in Open5Gs 2.6.6
An issue was discovered in open5gs v2.6.6.
network
low complexity
open5gs CWE-400
7.5
7.5
2023-10-03 CVE-2023-4882 Improper Resource Shutdown or Release vulnerability in Open5Gs
DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value.
network
low complexity
open5gs CWE-404
7.5
7.5
2023-10-03 CVE-2023-4883 Release of Invalid Pointer or Reference vulnerability in Open5Gs
Invalid pointer release vulnerability.
network
low complexity
open5gs CWE-763
7.5
7.5
2023-10-03 CVE-2023-4884 Missing Authentication for Critical Function vulnerability in Open5Gs
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication.
network
low complexity
open5gs CWE-306
7.5
7.5
2023-02-01 CVE-2023-23846 Allocation of Resources Without Limits or Throttling vulnerability in Open5Gs
Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop.
network
low complexity
open5gs CWE-770
7.5
7.5
2022-11-01 CVE-2022-43221 Memory Leak vulnerability in Open5Gs 2.4.11
open5gs v2.4.11 was discovered to contain a memory leak in the component src/upf/pfcp-path.c.
network
low complexity
open5gs CWE-401
7.5
7.5
2022-11-01 CVE-2022-43222 Memory Leak vulnerability in Open5Gs 2.4.11
open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c.
network
low complexity
open5gs CWE-401
7.5
7.5
2022-11-01 CVE-2022-43223 Memory Leak vulnerability in Open5Gs 2.4.11
open5gs v2.4.11 was discovered to contain a memory leak in the component ngap-handler.c.
network
low complexity
open5gs CWE-401
7.5
7.5