VDB
GO-2025-4162
GO-2025-4162
PUBLISHED
CVSS 8.699999809265137 HIGH
Free5GC is vulnerable to DoS via the Nudm_SubscriberDataManagement API in github.com/free5gc/openapi
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | free5gc/openapi | 0, 0 |
| github.com | free5gc/udm | 0, 0 |
Timeline
- Dec 15, 2025 CVE Published
- Mar 3, 2026 CVE Updated
References
- https://github.com/advisories/GHSA-3j9f-7w24-pcqg advisory
- https://github.com/free5gc/openapi/commit/d50c83e8fe7ebf9a62d9de99517e21a17f627b52 patch
- https://github.com/free5gc/openapi/pull/65 patch
- https://github.com/free5gc/udm/commit/57c56a3ad4bc53a62cab259045e78ec9abdb98ca patch
- https://github.com/free5gc/udm/commit/ca9976857909a422dcff5bf2228756fc2bfc80d1 patch
- https://github.com/free5gc/udm/commit/e776c42177817f75e75e7a587c58c2a027beed81 patch
- https://github.com/free5gc/udm/pull/63 patch
- https://github.com/free5gc/udm/pull/65 patch
- https://github.com/free5gc/udm/pull/66 patch
- https://github.com/free5gc/free5gc/issues/700 url
- https://github.com/free5gc/free5gc/issues/701 url
- https://github.com/free5gc/free5gc/issues/702 url
- https://github.com/free5gc/free5gc/issues/703 url