Lucene search
+L

4 matches found

OSV
OSV
added 2026/05/27 3:53 p.m.4 views

CVE-2026-42459 free5GC: Improper Input Validation and Generation of Error Message Containing Sensitive Information in github.com/free5gc/udm

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm Subscriber Data Management service. An unauthenticated attacker can inject control characters into the SUPI...

8.7CVSS6AI score0.00324EPSS
Exploits1References3
NVD
NVD
added 2026/02/24 12:16 a.m.14 views

CVE-2025-69250

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the service reliably leaks detailed internal error messages e.g., strconv.ParseInt parsing errors to remote clients when processi...

8.7CVSS0.00398EPSS
Exploits1References4
Snyk
Snyk
added 2025/09/09 3:30 a.m.3 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in the authentication process. An attacker can obtain sensitive internal error information by submitting a login attempt with a deleted client secret. Remediation A fix was pushed into the master branch but not yet...

5.3CVSS6.7AI score0.00216EPSS
Exploits0References2
OSV
OSV
added 2022/08/06 5:39 a.m.13 views

GHSA-C2J7-66M3-R4FF JSPUI's "Internal System Error" page prints exceptions and stack traces without sanitization

Impact When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This vulnerability does NOT impact...

5.3CVSS5.7AI score0.00582EPSS
Exploits0References4
Rows per page
Query Builder