Code Review / ric-plt / appmgr.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b8bdc7b) | patch
Fix CVE-2024-34073 77/15477/1
authormdimado <mdimad005@gmail.com>
Tue, 3 Feb 2026 05:24:39 +0000 (10:54 +0530)
committermdimado <mdimad005@gmail.com>
Tue, 3 Feb 2026 05:25:45 +0000 (10:55 +0530)
commiteb649b990da3976de25ee2a6301ff15e0195c16b
treec7cfda062b696ef484a518e6ae08d5b075f0800dtree | snapshot
parentb8bdc7bd6931461b7a237ab2cad278bc87ba110ecommit | diff
Fix CVE-2024-34073

1. CVE-2024-34073: Added whitelist validation of RMR message types in
   restful.go (parseConfig). xApp registration now fails if unauthorized
   tx/rx message types are provided, preventing malicious or fake RMR
   type registration that could disrupt routing and impact other RIC
   components.

Change-Id: I8490fc9e4dd0baa23fe3fe440cd1980527c8dece
Signed-off-by: Mohammed Imaduddin <mdimad005@gmail.com>
pkg/restful/restful.go diff | blob | history
Provides a flexible and secure way for deploying and managing various RIC xApp applications in Kubernates environment.