Information disclosure in Free5gc Udr

CVE-2025-69208

free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. Versions prior to 1.4.1 contain an Improper Error Handling vulnerability with Information Exposure. All depl…

EPSS: 0.000 (15.5th percentile) — read the EPSS interpretation.

Affected products

Free5gc Udr — versions < 1.4.1

Weakness classification (CWE)

CWE-209 — Generation of Error Message Containing Sensitive Information

References

https://github.com/free5gc/free5gc/security/advisories/GHSA-f3pc-w7jp-4jh2 (x_refsource_CONFIRM)
https://github.com/free5gc/free5gc/issues/753 (x_refsource_MISC)
https://github.com/free5gc/udr/pull/56 (x_refsource_MISC)
https://github.com/free5gc/udr/commit/91bb34bd96e1c89b3fddca80db8b90049da61ebb (x_refsource_MISC)