Code Review / ric-plt / appmgr.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b8bdc7b) | patch
Fix CVE-2024-34073 09/15409/1 m-release
authormdimado <mdimad005@gmail.com>
Tue, 3 Feb 2026 05:24:39 +0000 (10:54 +0530)
committerAbdul Wahid W <abdulwahid.w@nokia.com>
Wed, 18 Feb 2026 23:44:41 +0000 (23:44 +0000)
commit2f70f24239e3f9281b899b7d5b4807cf36e062d1
treec7cfda062b696ef484a518e6ae08d5b075f0800dtree | snapshot
parentb8bdc7bd6931461b7a237ab2cad278bc87ba110ecommit | diff
Fix CVE-2024-34073

1. CVE-2024-34073: Added whitelist validation of RMR message types in
   restful.go (parseConfig). xApp registration now fails if unauthorized
   tx/rx message types are provided, preventing malicious or fake RMR
   type registration that could disrupt routing and impact other RIC
   components.

Change-Id: I8490fc9e4dd0baa23fe3fe440cd1980527c8dece
Signed-off-by: Mohammed Imaduddin <mdimad005@gmail.com>
(cherry picked from commit eb649b990da3976de25ee2a6301ff15e0195c16b)
pkg/restful/restful.go diff | blob | history
Provides a flexible and secure way for deploying and managing various RIC xApp applications in Kubernates environment.