Vulnerabilities > Open5Gs > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-16 | CVE-2022-39063 | Unspecified vulnerability in Open5Gs When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. | 7.5 |
| 2022-04-05 | CVE-2021-44108 | NULL Pointer Dereference vulnerability in Open5Gs A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf. | 7.5 |
| 2022-04-05 | CVE-2021-44109 | Out-of-bounds Write vulnerability in Open5Gs A buffer overflow in lib/sbi/message.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request. | 7.5 |
| 2022-03-29 | CVE-2021-44081 | Out-of-bounds Write vulnerability in Open5Gs 2.1.4 A buffer overflow vulnerability exists in the AMF of open5gs 2.1.4. | 7.5 |
| 2021-12-23 | CVE-2021-45462 | Improper Validation of Specified Quantity in Input vulnerability in Open5Gs 2.4.0 In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF. | 7.5 |
| 2021-10-07 | CVE-2021-41794 | Classic Buffer Overflow vulnerability in Open5Gs ogs_fqdn_parse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. | 7.5 |
| 2021-01-26 | CVE-2021-25863 | Improper Authentication vulnerability in Open5Gs 2.1.3 Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account. | 8.8 |