Information disclosure in Free5gc Udr

CVE-2025-69253

free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information Exposure. The NEF component reliably le…

EPSS: 0.001 (17.4th percentile) — read the EPSS interpretation.

Affected products

Free5gc Udr — versions <= 1.4.1

Weakness classification (CWE)

CWE-209 — Generation of Error Message Containing Sensitive Information

References

https://github.com/free5gc/free5gc/security/advisories/GHSA-cj2h-x8qm-xgwc (x_refsource_CONFIRM)
https://github.com/free5gc/free5gc/issues/753 (x_refsource_MISC)
https://github.com/free5gc/udr/pull/56 (x_refsource_MISC)
https://github.com/free5gc/udr/commit/754d23b03755ad59077ed529ce3b971e477080c4 (x_refsource_MISC)