pkg:Go/github.com/free5gc/nef

共 7 筆 CVECRITICAL4HIGH3

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL10.0CVE-2026-44330free5GC's NEF nnef-pfdmanagement API is unauthenticated; forged bearer tokens can read PFD data and create/delete PFD subscriptions
    from 0, <= 1.2.3
  • CRITICAL10.0CVE-2026-44327free5GC's NEF nnef-oam route group is unauthenticated; no-token requests reach the OAM handler
    from 0, <= 1.2.3
  • CRITICAL9.4CVE-2026-44326free5GC's NEF 3gpp-traffic-influence API is unauthenticated; missing or forged bearer tokens can create, read, patch, and delete subscriptions
    from 0, <= 1.2.3
  • CRITICAL9.4CVE-2026-44315free5GC's NEF 3gpp-pfd-management API is unauthenticated; forged bearer tokens can create, read, and delete PFD transactions
    from 0, <= 1.2.3
  • HIGH7.5CVE-2026-44322free5GC's NEF 3gpp-pfd-management PATCH applications/{appId} panics on UDR access failure due to nil ProblemDetails dereference
    from 0, < 1.2.3
  • HIGH7.5CVE-2026-44319free5GC's NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri)
    from 0, < 1.2.3
  • HIGH7.3CVE-2026-44320free5GC's NEF nnef-callback route group is unauthenticated; forged callback requests are accepted into the processing path
    from 0, <= 1.2.3