5 matches found
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the PolicyDataSubsToNotifyPost process. An attacker can create unintended notification subscriptions with invalid, empty, or partially processed input by sending malformed or...
CVE-2026-40343
free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...
CVE-2026-40343 free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...
GHSA-JWCH-W7WH-GQJM free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended creation of Policy Data notification subscriptions wit...
EUVD-2026-24555
free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation...