pkg:Go/github.com/free5gc/udr

8 total CVEsHIGH4MEDIUM4

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2026-40248free5gc UDR improper path validation allows unauthenticated creation and modification of Traffic Influence Subscriptions
    from 0, <= 1.4.2
  • HIGH7.5CVE-2026-40247free5gc UDR improper path validation allows unauthenticated access to Traffic Influence Subscriptions
    from 0, <= 1.4.2
  • HIGH7.5CVE-2026-40246free5gc UDR improper path validation allows unauthenticated deletion of Traffic Influence Subscriptions
    from 0, <= 1.4.2
  • HIGH7.5CVE-2026-40245free5gc UDR nudr-dr influenceData/subs-to-notify leaks SUPI in error response body without authentication
    from 0, <= 1.4.2
  • MEDIUM6.5CVE-2026-44324free5GC's UDR nudr-dr DELETE amf-subscriptions panics on missing UE state via nil interface type assertion (single authenticated request)
    from 0, < 1.4.3
  • MEDIUM5.8CVE-2026-40343free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
    from 0, <= 1.4.2
  • MEDIUM5.3CVE-2026-40249free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors
    from 0, <= 1.4.2
  • MEDIUM4.3CVE-2026-44323free5GC's UDR nudr-dr DELETE amf-subscriptions panics on missing subsId when UE state exists (nil pointer dereference)
    from 0, < 1.4.3