modules: | |
- module: github.com/free5gc/aper | |
vulnerable_at: 1.0.4 | |
packages: | |
- package: github.com/free5gc/aper | |
symbols: | |
- GetBitString | |
description: | | |
A malformed message can crash the free5gc/amf and free5gc/ngap decoders via | |
an index-out-of-range panic in `aper.GetBitString`. | |
cves: | |
- CVE-2022-43677 | |
ghsas: | |
- GHSA-59hj-62f5-fgmc | |
credit: '@fisherwky' | |
references: | |
- report: https://github.com/free5gc/free5gc/issues/402 |