CVE-2023-47025

Description

An issue in Free5gc v.3.3.0 allows a local attacker to cause a denial of service via the free5gc-compose component.

How to fix CVE-2023-47025

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

• Go/github.com/free5gc/free5gc—no fix listed

Is CVE-2023-47025 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, <= 3.3.0

References (3)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2023-47025
• PATCHgithub.com/free5gc/free5gc
• WEBgithub.com/free5gc/free5gc/issues/501