CNNVD-202512-4861 Information

CNNVD ID

CNNVD-202512-4861

Related CVE

CVE-2025-15156

• CNNVD Published: 2025-12-28

Description (Chinese)

UPF是Aether SD-Core Project开源的一个用户界面。 UPF 2.1.3-dev及之前版本存在代码问题漏洞，该漏洞源于文件/pfcpiface/pfcpiface/messages_session.go中PFCP Session Establishment Request Handler组件函数handleSessionEstablishmentRequest存在空指针取消引用。

Description (English)

UPF is a user interface for Aether SD-Core Projects. The UPF 2.1.3-dev and previous versions have a code problem loophole, which stems from the deletion of the reference to an empty pointer for the PFCP Summit Review Handler component of the file/pfciface/pfcciface/messages session.go.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Aexol Studio

Published

2025-12-28

Last Modified

2026-02-24

References

https://vuldb.com/?submit.719824 https://vuldb.com/?ctiid.338534 https://github.com/omec-project/upf/issues/979 https://vuldb.com/?id.338534 https://access.redhat.com/security/cve/cve-2025-15156