GHSA-vgq7-9r5r-j9v3

Опубликовано: 24 нояб. 2025

Источник: github

Github: Прошло ревью

CVSS3: 6.5

Описание

Free5GC is vulnerable to DoS through its Npcf_BDTPolicyControl POST API

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the Npcf_BDTPolicyControl API.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2025-60632
https://github.com/free5gc/free5gc/issues/705
https://github.com/free5gc/pcf/pull/53
https://github.com/free5gc/free5gc

Пакеты

Наименование

github.com/free5gc/pcf

Затронутые версииВерсия исправления

< 1.4.0

1.4.0

EPSS

Процентиль: 13%

0.00043

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2025-60632

Дефекты

CWE-617

Связанные уязвимости

CVE-2025-60632

CVSS3: 6.5

nvd

2 месяца назад

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the Npcf_BDTPolicyControl API.

EPSS

Процентиль: 13%

0.00043

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2025-60632

Дефекты

CWE-617