3 matches found
GHSA-WRWH-RPQ4-87HF free5gc UDR nudr-dr influenceData/subs-to-notify leaks SUPI in error response body without authentication
Summary An information disclosure vulnerability in the UDR service allows any unauthenticated attacker with access to the 5G Service Based Interface SBI to retrieve stored subscriber identifiers SUPI/IMSI with a single HTTP GET request requiring no parameters or credentials. Details The endpoint...
PT-2026-32972
Name of the Vulnerable Software and Affected Versions Free5GC versions 4.2.1 and earlier Description An information disclosure issue exists in the UDR Unified Data Repository service. An unauthenticated attacker with network access to the 5G Service Based Interface can retrieve stored subscriber...
Astra Linux – Vulnerability in xorg-server
A flaw was discovered in the X server’s request handling. A non-zero value for “bytes to ignore” in a client’s request can cause the server to skip processing another client’s request, potentially leading to a denial of service...