Nixpkgs security tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: open5gs

Found 72 matching suggestions

View:
Compact
Detailed
Dismissed
Permalink CVE-2025-15530
5.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): Low (L)
  • Exploit Code Maturity (E): Proof-of-Concept (P)
  • Remediation Level (RL): Official Fix (O)
  • Report Confidence (RC): Confirmed (C)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): Low (L)
updated 4 months, 1 week ago by @LeSuisse Activity log
  • Created suggestion 4 months, 1 week ago
  • @LeSuisse ignored package open5gs-webui 4 months, 1 week ago
  • @LeSuisse dismissed 4 months, 1 week ago
Open5GS s11-handler.c assertion

A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwc_s11_handle_create_indirect_data_forwarding_tunnel_request of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The issue report is flagged as already-fixed.

Affected products

Open5GS
  • ==2.7.0
  • ==2.7.3
  • ==2.7.4
  • ==2.7.1
  • ==2.7.5
  • ==2.7.2
  • ==2.7.6

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

Ignored packages (1)

Package maintainers

Current stable was never affected https://github.com/NixOS/nixpkgs/commit/f66adc76c1ad6cd711af7267eea214e09e9515ee
Dismissed
Permalink CVE-2025-15531
5.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): Low (L)
  • Exploit Code Maturity (E): Proof-of-Concept (P)
  • Remediation Level (RL): Official Fix (O)
  • Report Confidence (RC): Confirmed (C)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): Low (L)
updated 4 months, 1 week ago by @LeSuisse Activity log
  • Created suggestion 4 months, 1 week ago
  • @LeSuisse ignored package open5gs-webui 4 months, 1 week ago
  • @LeSuisse dismissed 4 months, 1 week ago
Open5GS context.c sgwc_bearer_add assertion

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwc_bearer_add of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The issue report is flagged as already-fixed.

Affected products

Open5GS
  • ==2.7.0
  • ==2.7.3
  • ==2.7.4
  • ==2.7.1
  • ==2.7.5
  • ==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

Ignored packages (1)

Package maintainers

Current stable was never affected

https://github.com/NixOS/nixpkgs/commit/f66adc76c1ad6cd711af7267eea214e09e9515ee